Former Exploit Broker: ‘Market is Misrepresented’
ORLANDO–The buying and selling of exploits for zero-day vulnerabilities in software is perhaps the most controversial topic in the security community over the last few years, but the CEO of a company that used to be one of the main players in that world said the market is misunderstood and not the hive of evil […]
How a Data Breach Pushed Duke University Into the Two-Factor Authentication Era
ORLANDO–One of the few topics that it is relatively easy to get consensus on in the security community is that passwords have outlived their usefulness as a standalone means of authentication. Two-factor authentication, in various forms and factors, has become the main way to fix this, but getting users and management to buy into the […]
How the Focus on Technology is Undermining Security
ORLANDO–It’s accepted as fact that many of the compromises and data breaches that make headlines and cost CSOs their jobs are accomplished through the use of known vulnerabilities and old techniques. These problems are fixable, but throwing money and technology at them is not the right answer, experts say. The security industry is experiencing an […]
Crypto Debate is About Power and Authority, Experts Say
Building devices and communications infrastructure that are resistant to compromise and surveillance has become an imperative in today’s environment, but it’s work that can run into roadblocks from government. The most pertinent current example is the encryption debate, and security experts say the security and privacy of users depends on the outcome of the conflict. The […]
FBI’s Mystery iPhone Technique at Center of Discussion
Apple has just released a new version of iOS, and it contains a number of important security fixes, notably one for a bug in iMessage. But there is at least one known vulnerability that isn’t patched in this version, and it’s in the hands of the FBI. The details of the flaw aren’t known, and […]