Analysis

Black Hat keynote: Why security culture needs to change

Dino Dai Zovi tells Black Hat audience to embrace a culture where security is everyone's job and risks are shared. Automation with feedback loops also key to solving security challenges at scale

Is Siri listening to my conversations?

We investigate Apple's Siri privacy claims, after it suspends its voice assistant's 'grading' system amid whistleblower claims. Is Siri on your iPhone, iPad, Mac and HomePod listening in on your personal conversations - and more?

Inside the 2014 hack of a Saudi embassy

According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS.

Capital One breach: What you need to know (and do next)

Capital One has revealed that some 100 million customers had their personal information stolen in a hack earlier this year. Here's everything you need to know.

Researchers to launch intentionally ‘vulnerable’ blockchain at Black Hat

Cybersecurity vendor Kudelski Security hopes the flawed open-source ledger it's created will help users learn about blockchain and let developers suggest security enhancements.

Equifax’s data breach disaster: Will it change executive attitudes toward security?

Equifax's 2017 breach will cost it billions in fines, customer restitution and mandated and voluntary security improvements. All organizations that profit from consumer data should take notice.

The role of next-gen firewalls in an evolving security architecture

As the commercial enterprise firewall approaches its 30th birthday, it is hard to overstate how dramatically the product has evolved. This 2,700-word research report looks the current state of next-generation firewall technology.

Why getting election security right for 2020 matters

The U.S. is moving at glacial speed to secure election systems against possible interference by foreign adversaries. We're not even close to ready, and that could call contests into question.

FaceApp sparks a frenzied witch hunt, but concerns around facial recognition valid

The vastly popular Russia-born FaceApp has the internet in a tizzy. The US, quick to sniff out a Russian conspiracy, is crying wolf over privacy concerns. It does have a point, though.

Worst DNS attacks and how to mitigate them

DNS threats including DNS hijacking, tunneling, phishing, cache poisoning and DDoS attacks are all on the rise.

Companies with zero-trust network security move toward biometric authentication

According to new research, more companies are enabling biometric authentication on devices to verify access requests.

Zoom fixes webcam flaw for Macs, but security concerns linger

The desktop chat app firm this week came under fire for moving slowly to close a potential security flaw affecting macOS users.