Infosec.Pub

From Input Output via this RSS feed

Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and policy gaps 40% of employees said they have never received cybersecurity training. Even among those who have, the guidance is often outdated because many organizations wait months before updating their security policies. This delay leaves people unprepared. Employees who do not understand current risks are more likely to fall back on familiar habits, which attackers … More → The post Old authentication habits die hard appeared first on Help Net Security.

From Ergo Platform via this RSS feed

Apple Inc. faces an investigation in France over the use of voice recordings made with its assistant Siri.

Recently [Anthony Francis-Jones] decided to take a closer look at the inhaler that his son got prescribed for some mild breathing issues, specifically to teardown the mechanical counter on it. …read more

Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and together those actions create a bigger risk than either one alone. Most surveillance tools and patrol robots are built to catch one or the other. A new study introduces ARGUS, a mobile system that watches the digital and physical environment at the same time and ties its findings together. … More → The post Meet ARGUS, the robot built to catch hackers and physical intruders appeared first on Help Net Security.

While high-profile attacks grab headlines, a security researcher warns the UK's "chronic shortage of cyber professionals" is left unaddressed by government, industry, and academia.

New York Times: How Larry Ellison is focusing his philanthropic efforts on the Oxford-based, for-profit Ellison Institute of Technology, promising to spend £1B on the project  —  Oracle's co-founder and the world's second-richest person pledges to concentrate his vast resources on his own research institute …

I can see this community is very much crickets but maybe someone would have some insight...

If pCloud has a facility in Austin, TX USA - then its EU storage ain't shit for privacy because of the US CLOUD Act, right?

Why would anyone pay more when the vulnerability is built into the company? Or am I reading that wrong?

CLOUD Act says even if the EU protects the user data privacy because it's stored in the EU, if the company storing it is US based and/or if the company storing it has facilities also in the US, that leaves them open to subpoena.

Thoughts?

A spike in suspicious scans targeting Palo Alto Networks login portals indicates clear reconnaissance efforts from suspicious IP addresses, researchers warn.  [...]

From Input Output via this RSS feed

From Input Output via this RSS feed

From Input Output via this RSS feed

From Input Output via this RSS feed