• December 23, 2015 23 Dec'15

    Google accelerates Chrome SHA-1 deprecation schedule

    Increasing desire to be rid of SHA-1-signed certificates causes Google to join Microsoft, Mozilla in a likely acceleration of Chrome SHA-1 deprecation by six months.

  • December 23, 2015 23 Dec'15

    Juniper firewall backdoors add fuel to encryption debate

    Juniper firewalls are reportedly vulnerable to two serious backdoors, and the NSA may be at least indirectly responsible for one that exposes VPN data.

  • December 22, 2015 22 Dec'15

    PCI DSS 3.1 deadline for TLS migration pushed back

    The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.

  • December 18, 2015 18 Dec'15

    Compliance costs expected to rise as EU GDPR advances

    News roundup: As EU's Global Data Protection Regulation advances, businesses anticipate higher penalties and compliance costs. Also, malware roundup.

  • December 18, 2015 18 Dec'15

    CISA added to budget omnibus, with privacy protection stripped

    The Cybersecurity Information Sharing Act passed after being added to the emergency budget omnibus bill, but critics warned the privacy protections have been stripped out.

  • Sponsored News

    • The Key to Better DevOps Is in Your Data

      DevOps is a buzzword right now for good reason—it can deliver significant benefits. The 2016 State of DevOps Report, which surveyed 1,400 IT professionals around the world, paints a picture of high-performing IT development organizations: those with multiple code deployments per day and less than one-hour lead time between code fixes and production deployment. See More

    • How to: Protecting Your Data in the Cloud

      Your data is your company’s most valuable asset. Whether that’s system configurations, customer information, intellectual property, email or other communications, you need to put steps in place to protect it and establish processes to recover it in the event of a loss or some other incident. See More

    • Four Features to Look for in a Threat Intelligence Service

      Although threat intelligence platforms have been used for years by elite threat research teams at cybersecurity solutions vendors and consulting firms, they have only recently become commercially available as services. This article offers some advice on selecting a service that fits your enterprise, and specifies four features that you should seek out. See More

    • Got Containers? You’ll Need a Way to Monitor Them

      The use of containers is growing rapidly. In a June 2016 survey conducted by Cloud Foundry and ClearPath Strategies, 64% of respondents said they plan to mainstream the use of containers in the next year. As the use of containers proliferates, it is essential to address monitoring to improve the performance, usage and troubleshooting of containers. However, effective monitoring requires an analytics-driven approach that not only informs developers and operations of what’s happening, but also offers those teams the ability to dig into their container usage and performance data to gain actionable insight. See More

    View All Sponsored News
  • December 17, 2015 17 Dec'15

    Experts: Lawmakers don't understand encryption backdoor problems

    Strong encryption and encryption backdoors have become hot topics in the world of lawmakers and politicians, but security experts said those people don't understand the problem.

  • December 15, 2015 15 Dec'15

    Old Microsoft Kerberos vulnerability gets new spotlight

    A new blog post detailed authentication vulnerabilities in Microsoft Kerberos that cannot be patched and could lead to attackers having free rein over systems.

  • December 14, 2015 14 Dec'15

    Symantec asks browser makers to distrust one of its root certificates

    Symantec announced it will retire one of its root certificates because it was based on older security, and Google made sure users knew the risks.

  • December 11, 2015 11 Dec'15

    Governments weigh strong encryption vs. terror threats

    News roundup: Cyber politics in U.S., as leaders attempt to balance access to strong encryption with terror threats. Also: Microsoft's German data centers, SHA-1 deprecation schedule, and more.

  • December 10, 2015 10 Dec'15

    FBI: Encryption backdoor laws are unnecessary, if companies comply

    FBI Director James Comey is sticking to the message that the FBI doesn't want encryption backdoor legislation, but one senator doesn't expect companies to comply without the legal impetus.

  • December 10, 2015 10 Dec'15

    FBI admits to using zero-day exploits, not disclosing them

    The FBI has admitted to using zero-day exploits rather than disclosing them, and experts say this should not be a surprise considering the history of federal agency actions.

  • December 08, 2015 08 Dec'15

    December 2015 Patch Tuesday: DNS query and zero-day flaws fixed

    Microsoft's December 2015 Patch Tuesday brought a number of fixes to Windows, including a patch for a DNS query bug and zero-day flaws in the Windows kernel and Microsoft Office.

  • December 08, 2015 08 Dec'15

    Temporary workers cause access management troubles over the holidays

    A new report showed that while retail companies are confident in their security, many use bad access-management practices with temporary workers brought in for the holiday season.

  • December 04, 2015 04 Dec'15

    HTML5 support could mean Adobe Flash end of life

    Adobe moves could signal the end of the ever-vulnerable Flash Player, and experts say more support for HTML5 could lead to the Adobe Flash end of life.

  • December 04, 2015 04 Dec'15

    First-ever high-level talks on US-China cyber issues

    News roundup: Chinese hacking activity drops in advance of US-China cyber talks, Australia blames China for major breach, mature malware, National Security Letter unveiled, and more.