Organisations are always looking for ways to improve their cyber security defences, but they often overlook the value of enrolling their employees on cyber security training courses. According to a study by Centify, 77% of…
NotPetya
Wired has a long article on NotPetya. Read more: schneier.com
On Cybersecurity Insurance
Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the…
France Outlines Its Approach to Cyberwar
In a document published earlier this month (in French), France described the legal framework in which it will conduct cyberwar operations. Lukasz Olejnik explains what it means, and it's worth reading. Read more: schneier.com
Exploiting GDPR to Get Private Information
A researcher abused the GDPR to get information on his fiancee: It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR), which came into force in…
Brazilian Cell Phone Hack
I know there's a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly…
The Cost of Cybercrime
Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. In this paper,we report what has changed in the seven years since.…
Visiting the NSA
Yesterday, I visited the NSA. It was Cyber Command's birthday, but that's not why I was there. I visited as part of the Berklett Cybersecurity Project, run out of the Berkman Klein Center and funded…
Ghidra: NSA’s Reverse-Engineering Tool
Last month, the NSA released Ghidra, a software reverse-engineering tool. Early reactions are uniformly positive. Three news articles.Read more: schneier.com