• March 20, 2015 20 Mar'15

    At 2015 Pwn2Own competition, browser exploits in the spotlight

    News roundup: Researchers at the 2015 Pwn2Own exploited every major Web browser, casting doubt on browser security once again. Plus: high-severity OpenSSL update; IE being phased-out in Windows 10; Americans dodging online surveillance.

  • March 18, 2015 18 Mar'15

    Experts: Consumer Privacy Bill of Rights may ease privacy compliance

    The Consumer Privacy Bill of Rights proposed by the Obama administration is a good first step, according to experts, and may simplify privacy compliance for enterprises currently dealing with many different state laws.

  • March 17, 2015 17 Mar'15

    Yahoo’s attempt to kill off passwords raises security concerns

    Yahoo’s attempt to kill off passwords by introducing an on-demand one-time passcode option for its email services has raised security concerns

  • March 17, 2015 17 Mar'15

    Microsoft warns of fake SSL certificate for Windows Live

    Microsoft has warned that a fake security certificate has been issued for the Windows Live domain that could be abused by attackers

  • March 16, 2015 16 Mar'15

    Microsoft re-releases EMET 5.2 to fix IE bug

    Update: Microsoft has re-released Enhanced Mitigation Experience Toolkit version 5.2 to correct a bug involving IE 11.

  • Sponsored News

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Five Top Considerations in Architecting Your Network for the Future

      Network architects have more choices than ever when it comes to data center switches. From emerging categories such as white box switches to new powerful cloud spine switches built on custom chip sets, networks can now be designed with maximum flexibility to address a diverse range of price/performance requirements. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    • FAQ: A Guide to Increasing Automation in Data Center Switching

      By increasing automation in data center networks, IT decision makers can reduce costs and complexity, improve uptime, enhance agility and future-proof their network architectures. The issue is not whether to increase automation, but how to do so most effectively and cost-efficiently. See More

    View All Sponsored News
  • March 13, 2015 13 Mar'15

    Hillary Clinton email debate highlighted by security mistakes

    News roundup: Hillary Clinton's decision to use a private email domain and server has created a firestorm over her email security mistakes. Plus: OpenSSL audit, Blue Coat acquisition, more Equation details emerge.

  • March 13, 2015 13 Mar'15

    Does Rowhammer mark a new wave of hardware vulnerabilities?

    Experts agree that the Rowhammer vulnerability likely isn't an immediate threat to enterprises, but disagree on whether hardware vulnerabilities are about to reach a tipping point.

  • March 11, 2015 11 Mar'15

    Verizon 2015 PCI report: More achieve PCI compliance, but fail to keep it

    The 2015 edition of the Verizon PCI report shows enterprises are, on the whole, getting better at achieving full PCI compliance. Unfortunately, few can sustain it.

  • March 11, 2015 11 Mar'15

    Study warns security certificates, cryptographic keys are in peril

    A growing number of cryptographic keys and security certificates are being abused, according to a new study from cybersecurity firm Venafi and the Ponemon Institute.

  • March 11, 2015 11 Mar'15

    HP enterprise security: Can acquisitions lead to cohesive strategy?

    Through acquisitions Hewlett-Packard has built a formidable lineup of enterprise security offerings, but experts question whether a strong brand can overcome legacy technology and a lacking endpoint strategy.

  • March 10, 2015 10 Mar'15

    March 2015 Patch Tuesday: Microsoft offers quick FREAK fix

    Microsoft's March 2015 Patch Tuesday bulletins include a fix for the FREAK vulnerability, as well as five critical fixes, but surprisingly, an expert says one of the fixes deemed non-critical actually demands immediate attention.

  • March 10, 2015 10 Mar'15

    Venmo struggles put spotlight on mobile payment security

    The mobile payment app maker responds to criticism by stepping up security with better verifications and notifications for email and phone number changes.

  • March 10, 2015 10 Mar'15

    Rowhammer takes a big swing at DRAM memory security

    Google's Project Zero has detailed a new proof-of-concept exploiting the "rowhammer" DRAM flaw to allow for root access on various operating systems.

  • March 09, 2015 09 Mar'15

    For threat intelligence programs, ROI evaluation proves tricky

    Threat intelligence programs are taking root in many enterprises, but experts say variables like disparate service offerings, pricing models and response capabilities make ROI evaluation a vexing proposition.

  • March 09, 2015 09 Mar'15

    Group claiming links to Isis hacks small business websites

    The FBI is investigating the hacking of a number of SME websites in the US and Europe by people claiming affiliation with Islamic State