Threatpost sat down with Helme to discuss the state of web security, including certificate transparency, HTTPS deployment, Let’s Encrypt, content security policy and HTTP strict transport security. Scott Helme, the well-known security researcher, international speaker and the founder of the securityheaders.com and report-uri.com free tools for web security, has devoted himself to improving the security […]
A new feature called site isolation is being tapped to protect Chrome users against Spectre. Google introduced new security mitigations for its Chrome browser to defend against recently discovered Spectre variants. The new security feature, called site isolation, essentially isolates different browser work processes between various browser tabs. That means one tab’s webpage rendering and […]
The Information Commissioner’s Office (ICO) is set to levy the maximum fine under the old data protection regime against Facebook for failings linked to the Cambridge Analytica scandal. The privacy regulator issued a new report on Wednesday detailing its wide-ranging investigation into the use of data analytics for political campaigning. It claimed to have issued […]
Breached online firm Timehop has revealed more details about a security incident which affected 21 million people, which will be an interesting test case for GDPR regulators. The firm originally said it discovered a network intrusion on July 4 resulting in the compromise of names, email addresses and phone numbers. However, in an update on […]
FBI special agent Eric M. Proudfoot filed a criminal complaint on 9 July charging former Apple employee Xiaolang Zhang with the crime of stealing trade secrets from the tech giant. Zhang, who began working for Apple at the end of 2015, was a hardware engineer working on Apple’s autonomous vehicle development team. Details of the […]
Upcoming changes to the WebAssembly (Wasm) format may defang the browser patches for infamous side-channel attacks Meltdown and Spectre. Wasm was invented to improve execution speed for porting desktop applications to web-based environments; programs are compiled in Wasm and then can easily be run in a browser. It’s more efficient than traditional JavaScript, but it’s […]
Extortion emails that threaten recipients with a WannaCry infection if they don’t pay up are making the rounds in the UK and elsewhere. The activity prompted an alert Friday from the City of London’s Action Fraud unit, which said at the time that police had already received almost 300 reports in just a two-day span. […]
Her Majesty’s Revenue and Customs (HMRC) in the UK is under investigation by that country’s regulator over the collection of more than 5 million biometric voice IDs. The Information Commissioner’s Office (ICO) is investigating the tax agency’s practice, which may violate the recently implemented General Data Protection Regulation, following an official complaint from watchdog group […]
A new study by Unisys Corporation found that today’s employees are so keen on technology that they would consider leaving their place of employment if they aren’t empowered with the most updated technology. The study attempted to gauge employee perspectives on the importance of deploying current and future digital capabilities in the workplace and queried more than 12,000 members of […]
Three women chosen from a large pool of highly qualified candidates are the new recipients of Morphisec‘s Women in Cybersecurity Scholarship. An independent judge, Limor Elhayani, made the final determinations. Elhayani is vice president of threat engineering at Citi and has herself been the only woman in the room for most of her professional life. In an effort to bring […]
