• April 15, 2016 15 Apr'16

    Burr-Feinstein draft bill fuels encryption debate

    The encryption debate continues with release of the official draft of Burr-Feinstein 'Compliance with Court Orders Act of 2016' mandating court order compliance.

  • April 14, 2016 14 Apr'16

    Badlock vulnerability proves a bust for responsible disclosure

    The much-hyped Badlock bug is still important to patch, but raised issues with celebrity vulnerability promotion and responsible disclosure of security vulnerabilities.

  • April 12, 2016 12 Apr'16

    April 2016 Patch Tuesday: Badlock isn't a priority

    Microsoft's April 2016 Patch Tuesday includes a patch for Badlock, a vulnerability which experts call "overhyped," but the most important patches may need extra care to apply.

  • April 12, 2016 12 Apr'16

    WordPress SSL now free for hosted sites, thanks to Let's Encrypt

    Customers with hosted sites will now have WordPress SSL turned on for free by default, thanks to Let's Encrypt certificates, potentially making a large number of websites more secure.

  • April 08, 2016 08 Apr'16

    Encrypted messaging for all, as WhatsApp encryption announced

    WhatsApp encryption was turned on for all types of messaging, including group chats, which advanced the conversation on 'going dark,' as new encryption legislation draft goes public.

  • Sponsored News

    • Got Containers? You’ll Need a Way to Monitor Them

      The use of containers is growing rapidly. In a June 2016 survey conducted by Cloud Foundry and ClearPath Strategies, 64% of respondents said they plan to mainstream the use of containers in the next year. As the use of containers proliferates, it is essential to address monitoring to improve the performance, usage and troubleshooting of containers. However, effective monitoring requires an analytics-driven approach that not only informs developers and operations of what’s happening, but also offers those teams the ability to dig into their container usage and performance data to gain actionable insight. See More

    • Four Features to Look for in a Threat Intelligence Service

      Although threat intelligence platforms have been used for years by elite threat research teams at cybersecurity solutions vendors and consulting firms, they have only recently become commercially available as services. This article offers some advice on selecting a service that fits your enterprise, and specifies four features that you should seek out. See More

    • Avoid the Pain of Cloud Silos With Unified Management and Visibility

      Hybrid infrastructure is the result of a fundamental evolution of IT to the cloud, and it has become the norm for most midsize and larger organizations. As the prevalence of hybrid environments increases, one of the most confounding and troublesome problems to emerge is a lack of comprehensive management and visibility across the entire IT infrastructure—whether in the cloud or on premises. See More

    • A Threat Intelligence Service Case Study: The Escelar Trojan

      In this article we explore a case study: How Unit 42, Palo Alto Network’s threat intelligence and research team, used the AutoFocus threat intelligence service to detect and analyze the Escelar banking Trojan. See More

    View All Sponsored News
  • April 08, 2016 08 Apr'16

    Vulnerability branding becomes another marketing tool

    Vulnerability branding was once a practice that elevated understanding of flaws and potentially led to better remediation, but now serves as little more than marketing for security researchers.

  • April 07, 2016 07 Apr'16

    OSVDB shutdown leaves questions for vulnerability databases

    OSVDB shutdown, blamed on lack of community support and engagement, raises questions about whether open source vulnerability databases can work and how they can be improved.

  • April 05, 2016 05 Apr'16

    Gmail BREACH attack gets much faster but still easy to stop

    Security researchers updated BREACH attack that would allow a Facebook Messenger or Gmail breach to be performed much faster, but the overall risk is limited.

  • April 01, 2016 01 Apr'16

    Apple-FBI suit dropped, but crypto wars continue

    Roundup: After the Apple-FBI suit, ACLU reports U.S. ramping up crypto wars with All Writs suits for at least 63 iOS, Android devices; Senator Wyden stands up for strong crypto.

  • April 01, 2016 01 Apr'16

    Can cybersecurity spending protect the U.S. government?

    CNAP articulates the right things, as many U.S. government cyber initiatives do, but what has captured the attention of the Beltway is the billion-dollar budget proposals.

  • April 01, 2016 01 Apr'16

    What endpoint protection software is on your short list?

    Roughly half of survey respondents indicated that their organization is shifting away from static scanning as the primary protection for endpoints.

  • March 31, 2016 31 Mar'16

    Ransomware vaccine promises protection, but experts are wary

    A new ransomware vaccine promises to protect against infections by popular ransomware variants like Locky and TeslaCrypt, but experts are wary about implementation and security.

  • March 31, 2016 31 Mar'16

    Badlock flaw hits Samba, Windows and responsible disclosure

    The serious Badlock vulnerability in Windows and Samba, announced three weeks prior to patches, triggers a debate over responsible disclosure of software flaws.

  • March 29, 2016 29 Mar'16

    Report: 1.5 million Verizon Enterprise customer records stolen

    Krebs on Security reports 1.5 million customer contact records were swiped from Verizon Enterprise Solutions and offered for sale on Dark Web; customers are at risk for phishing attacks.

  • March 29, 2016 29 Mar'16

    DOJ finds successful iPhone crack; drops backdoor bid, for now

    The DOJ found a successful iPhone crack to access the San Bernardino, Calif., terrorist's device and dropped the pending legal action against Apple, but only in that one case.