Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
The election race for the governorship of the state of Georgia promises to be tight, with current estimates showing that Democrat Stacey Abrams and Republican Brian Kemp are in a statistical dead heat. Unfortunately, Georgia is also one of five states that continue to use fully electronic voting with no verified paper ballot trails, raising […]
In May, a new modular malware system—dubbed VPNFilter—began running rampant among small and home office-based routers as well as network-attached storage. More than 500,000 devices in 54 countries were infected by the software, according to networking giant Cisco, and what’s more—the malware scanned for traffic used in many industrial control systems, known as Modbus. The […]
Over the past six months, a relatively unsophisticated group of attackers used a variety of remote access Trojans to attempt to grab banking details from companies—a scheme reminiscent of tactics used by cyber-criminals. Yet, these attacks also targeted a number of Russian, Spanish and U.S. government agencies and were more likely the work of nation-state […]
Many companies are failing to implement the most basic security controls to lock down their networks and data, an oversight that leaves them less able to respond to attacks and security incidents. While security hardening guides that prioritize the most basic steps are freely available from the National Institute of Standards and Technology (NIST), the […]
With the increase in popularity of agile development and DevOps methodologies, containers have taken off as a way to create easily managed and reproducible software components. Attackers have taken notice, however, and attempts to compromise containers are on the rise. When container management firm Sysdig put a cluster of containers online and exposed the application […]
On July 9, crypto-currency exchange Bancor announced that hackers had compromised one of the company’s digital wallets, using the keys to steal about $23.5 million in Ethereum and other digital currencies. The compromise is the latest digital theft of crypto-currencies based on digital tamperproof ledgers, known as blockchains. In Bancor’s case, however, the company had […]
Voice-activated digital assistants—such as the Amazon Echo that sits on your counter to Cortana on your Windows systems or Siri on Apple’s iPhones—are intended to connect users to services through an easy-to-use voice interface. However, the voice assistants are making cyber-attackers’ jobs easier as well. At the Black Hat conference later this month, for example, […]
For months, marketing and online-services companies have dreaded the coming of the General Data Protection Regulation (GDPR), pro-privacy rules protecting European citizens that went into force on May 25. Yet, few understood the impact that the rules would have on another group: security researchers. Worried about falling afoul of the regulations, a number of domain-name […]
Late last year, chip makers and operating-system vendors scrambled to create critical fixes for three vulnerabilities. However, unlike most typical software flaws that are regularly patched, these vulnerabilities were in the processors created by Intel, AMD and other chip makers and not in the applications and operating systems that run on top of those processors. […]
Before speculation led to the skyrocketing market capitalizations of crypto-currencies over the past year, online crime was a significant driver of the commercial value of Bitcoin, Ethereum and other digital currencies. Dark Web transactions for drugs, payoffs for ransomware attacks and money laundering for a variety of criminal enterprises drove much of the initial value […]