In-brief: Machine learning is all the rage in the information security industry. But a study by Endgame and University of Virginia suggests that it may be vulnerable to manipulation by sophisticated AI-driven tools.
Technologies
German Electronics Store Sued for Selling Un-Patchable Android Phones
In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers.
Heartbleed’s Heartburn: Why a 5 Year Old Vulnerability Continues to Bite
In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.
Petya Malware may be an Early Test of Muscular Trump Cyber Doctrine
In-brief: In the hours before the Petya malware began circulating, two high level Trump Administration officials called for a tougher stand against online actors who sow chaos. The question now is how the Administration will react.
Podcast: The Internet of Things’ Entropy Problem and why it matters
In-brief: Governments may worry about the democratization of strong encryption. But a bigger problem may be that the encryption we think is strong really isn’t, says Richard Moulds of the firm Whitewood. In this podcast, we talk about the.growing difficulty of generating truly random numbers in cloud environments and on the Internet of Things and how ‘entropy as a service’ may be the answer.
