Tag: encryption

Podcast Episode 76: Inside the Alteryx Breach with Chris Vickery

Podcast Episode 76: Inside the Alteryx Breach with Chris Vickery

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s edition of The Security Ledger Podcast we talk with security researcher and data spelunker Chris Vickery of the firm UpGuard about his discovery of  a data trove containing consumer profiles on 123 million American households. Also: there’s a tough new standard for handling federal data come January 1st in the form of NIST’s 800-171 standard. And: Katie Moussouris joins us back in the studio to talk about what the updated Wassenaar Arrangement means for security researchers.

DARPA is funding research by the University of Michigan into a making unhackable computers using hardware-based security.

University of Michigan Lands $3.6m DARPA Grant for Unhackable Hardware

The University of Michigan announced that it has received a $3.6 million grant to develop hardware based security features that will make Internet connected systems “unhackable.” The grant will fund a project called MORPHEUS, which is developing a means of fending off hackers by turning computer circuits into the equivalent of “unsolvable puzzles,” according to a statement issued by University of Michigan. The grant was issued as part of a $50-million DARPA program to improve cybersecurity by marrying cybersecurity features with hardware rather than software. “Instead of relying on software Band-Aids to hardware-based security issues, we are aiming to remove those hardware vulnerabilities in ways that will disarm a large proportion of today’s software attacks,” says Linton Salmon, manager of DARPA’s System Security Integrated Through Hardware and Firmware (SSITH) program. Nine grants have been awarded under the SSITH program, including the $3.6 million of funding for the University of Michigan […]

Podcast: Infosec has a #MeToo Problem also TOR-ifying Wikipedia

Podcast: Infosec has a #MeToo Problem also TOR-ifying Wikipedia

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn this week’s Security Ledger Podcast, we talk with Genevieve Southwick, CEO of the B-Sides Las Vegas hacker conference about the information security industry’s #metoo problem and what steps conference organizers are taking to stem sexual assault and harassment at information security events. Also: researcher Alec Muffet talks with us about making a TOR version of Wikipedia (and why it’s not sticking around). Finally, Martin McKeay of Akamai talks about the state of Internet security one year after Mirai. (Spoiler alert: Mirai is still a problem.)