This article originally appeared on SC Media UK.

The G20 brings together the governments of the 20 most powerful nations on earth (Casa Rosada via Wikimedia Commons)
The leader of the Internet Society has called for the mass encryption of the internet. The society’s President and CEO Kathryn Brown said as much in a blogpost friday.

In the blog, she said global economies are underpinned by a securely connected world: “Strong encryption is an essential piece to the future of the world’s economy and the Internet Society believes it should be the norm for all online transactions.”


A free and open source tool called “Truffle Hog” can help developers check if they have accidentally leaked any secret keys through the projects they publish on GitHub.

Truffle Hog is a Python tool designed to search repositories, including the entire commit history and branches, for high-entropy strings that could represent secrets, such as AWS secret keys.


While many of us are busy worrying about an internet apocalypse at the hands of IoT bots, there are many other ways the global network could be brought to its knees. A little over 350 of them, in fact, are lying at the bottom of the ocean.

Submarine cables stretch across the world, managing almost all the internet’s traffic between them. That’s everything from financial settlement systems through to voice and video calls.


Doing conversations with your friend on iMessage and thinking that they are safe and out of reach from anyone else other than you and your friend? No, it’s not.

End-to-end encryption doesn’t mean that your iMessages are secure enough to hide your trace because Apple not only stores a lot of information about your iMessages that could reveal your contacts and location, but even share that information with law enforcement via court orders.


The TeamViewer community on Reddit has brought to light claims that while using TeamViewer, their computers were hacked, PayPal and other banking accounts completely drained and malicious software installed.

Users took to the Reddit community to alert others that while looking through their log files of connections to the computer, they had found unknown computer logins from unknown locations.

TeamViewer is a popular remote desktop access client, which is often used by IT department for example to service a client’s PC from anywhere in the world. This means they can use your computer normally, without having to actually be in the room.


Cybercriminals attacked the healthcare industry at a higher rate than any other sector in 2015, and more than 100 million healthcare records were compromised last year, according to a new report published by IBM.

In fact, 2015 was “the year of the healthcare breach,” IBM said in its 2016 Cyber Security Intelligence Index.

The rate of attacks against the healthcare sector climbed to the highest level of all industries studied in 2015, after not making the top five in 2014, as healthcare leaped ahead of the manufacturing, financial services, government and transportation industries.


Martin Roesch, Vice President and Chief Architect of the Cisco Security Business Group, said that complexity is a real problem to be addressed and while we complain about it, no one does anything about it.

“It is a big deal as there are 551 vendors here, does that mean it is 551 complimentary things?” Roesch, who founded Sourcefire, discussed that he had talked to an IDS vendor who were building a company around technology, and he advised them to think about what they were bringing, and the cost to implement on top.


DNS is short for Domain Name System, the online service that converts server names into network numbers.

Without it, you wouldn’t be able to refer to a server called example.com – you’d have to remember 93.184.216.34 instead.


A list of the controls you need plus how to implement them

Prioritizing security measures is the first step toward accomplishing them, and the SANS Institute has created a list of the top 20 critical security controls businesses should implement.

They include some obvious steps, such as getting a comprehensive inventory of all network devices and software, implementing secure hardware configurations and providing for data recovery, but also gets into areas that are less evident.