Security Management Strategies for the CIO-
Black Hat 2012: Pepper Flash sandbox bolsters Google Chrome security
Researchers from IBM's X-Force Advanced Research Team demonstrated how an attacker could escape a Flash sandbox implementation at Black Hat.31 Jul 2012
-
Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks
Surviving cyberwar is now a priority for enterprises, with more Stuxnet malware-style attacks sure to come. Expert Nick Lewis has a defensive primer.31 Jul 2012
-
Security researcher wins Microsoft Blue Hat prize for kBouncer
A new defensive technique that can be used in Intel-based processors could thwart memory-based return oriented programming attacks.30 Jul 2012
-
Using the network to prevent an Oracle TNS Listener poison attack
Expert Michael Cobb details the Oracle TNS Listener poison attack and tells how enterprises can use the network to defend vulnerable applications.30 Jul 2012
-
IPS/IDS technologies: Innovations and changes
Haven’t shopped for an IDS/IPS in a while? Karen Scarfone details important recent innovations to IDS/IPS technologies.30 Jul 2012
-
Black Hat 2012: SSL handling weakness leads to remote wipe hack
Researcher Peter Hannay's man-in-the-middle attack exploited an SSL handing flaw to remotely wipe Android and iOS mobile devices via Exchange server.30 Jul 2012
-
Apple's AuthenTec purchase may pave way for iOS biometrics
In addition to fingerprint technology, AuthenTec provides mobile security software licenses. One of its customers is Samsung, a main rival of Apple's.27 Jul 2012
-
Black Hat 2012: Security visibility and the hidden message
SearchSecurity.com Black Hat 2012 contributor Jennifer Minella says security visibility was the underlying theme of this year's event.27 Jul 2012
-
Black Hat 2012: Rodrigo Branco on new malware research database
Video: Qualys vulnerability researcher Rodrigo Branco discusses his new malware analysis system that will serve as a malware research database.27 Jul 2012
-
Black Hat 2012: David Litchfield slams Oracle database indexing
At Black Hat 2012, longtime Oracle thorn David Litchfield presents working exploits targeting Oracle database indexing vulnerabilities.26 Jul 2012
-
Black Hat 2012: Apple tech talk a missed opportunity, researchers say
Thursday's Apple tech talk marked its first public discussion about iOS security, but only covered what security researchers already know.26 Jul 2012
-
Black Hat 2012: Poor mobile app security drains enterprise data
Mobile apps collect a myriad of data sources from contacts to location information and could also be accessing sensitive enterprise data.26 Jul 2012
-
Black Hat 2012: On-stage NFC hack highlights NFC security issues
Researcher Charlie Miller says Near Field Communication or NFC security issues open a huge attack surface on smartphones.26 Jul 2012
-
Black Hat 2012: New Zeus variants are more dangerous
Video: Brett Stone-Gross of Dell SecureWorks explains how Gameover, a sophisticated version of the Zeus Trojan, steals banking credentials.26 Jul 2012
-
Black Hat 2012: Phishing and social engineering penetration testing
Video: Anti-spear phishing training is controversial, but can be effective if it is done right, says Rohyt Belani, CEO and co-founder of PhishMe Inc.26 Jul 2012
-
Video: Expert makes case for end-user phishing tests
Anti-spear phishing training is controversial, but can be effective if it is done right, says Rohyt Belani, CEO and co-founder of PhishMe Inc.26 Jul 2012
-
FFIEC statement on cloud risk misses the mark
Bank regulators provide few details on managing cloud risks.26 Jul 2012
-
Black Hat 2012: Dan Kaminsky tackles secure software development
Security researcher Dan Kaminsky’s annual "black ops" talk at Black Hat 2012 focused improving secure software development with better code.25 Jul 2012
-
Black Hat 2012: Limited release for tool allowing smart meter hacks
Don Weber of InGuardians is releasing his smart meter hacking tool, but only to utilities, vendors and vendor-vetted researchers.25 Jul 2012
-
Crisis Trojan, new Mac OSX Trojan, considered a low risk for now
Mac security vendor Intego identified the Crisis Trojan, a new Mac OSX Trojan, as a likely future weapon for targeted attacks against Apple endpoints.25 Jul 2012
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central