• November 12, 2014 12 Nov'14

    Daily log monitoring selected for 2015 PCI special interest group

    Pain points related to finding indicators of compromise in system logs and CDE outsourcing have led to a pair of new PCI special interest groups that will begin work next year.

  • November 11, 2014 11 Nov'14

    Hefty November 2014 Patch Tuesday delivers four critical bulletins

    The zero-day patch was one of four critical bulletins Microsoft delivered as part of its largest Patch Tuesday release of 2014; a fifth critical bulletin was dropped at the last moment.

  • November 10, 2014 10 Nov'14

    Experts: Cyber risk management requires teamwork, preparation

    At the 2014 Advanced Cyber Security Center conference, industry experts touted the increasing importance of information sharing and incident preparation, yet also admitted both are easier said than done.

  • November 10, 2014 10 Nov'14

    Network security assessment should play part in M&A process

    Mergers and acquisitions present opportunities for attackers interested in valuable data, but experts say most enterprises fail to perform a network security assessment before proceeding with a deal.

  • November 07, 2014 07 Nov'14

    With expanded open Wi-Fi, are ISPs offering convenience or aiding criminals?

    News roundup: Open Wi-Fi allegedly aided a fugitive in evading authorities, highlighting Wi-Fi hotspot risks as ISPs including Comcast turn residential gateways into hotspots. Plus: Google's nogotofail tool; messaging apps fail EFF security review; ...

  • Sponsored News

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Five Top Considerations in Architecting Your Network for the Future

      Network architects have more choices than ever when it comes to data center switches. From emerging categories such as white box switches to new powerful cloud spine switches built on custom chip sets, networks can now be designed with maximum flexibility to address a diverse range of price/performance requirements. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    • FAQ: A Guide to Increasing Automation in Data Center Switching

      By increasing automation in data center networks, IT decision makers can reduce costs and complexity, improve uptime, enhance agility and future-proof their network architectures. The issue is not whether to increase automation, but how to do so most effectively and cost-efficiently. See More

    View All Sponsored News
  • November 07, 2014 07 Nov'14

    Home Depot security breach: Losses include 53 million email addresses

    The email addresses were taken in addition to the 56 million debit and credit card numbers that were compromised as part of the massive data breach at the nation's biggest home-improvement retailer.

  • November 04, 2014 04 Nov'14

    Despite skeptics, security awareness training for employees is booming

    Employee security awareness training has been derided in the past, but new Gartner research suggests that a market of competitive, high-quality vendors are making security awareness a must-have.

  • November 01, 2014 01 Nov'14

    We honor the winners of Information Security Readers' Choice 2014

    More than 1,700 voters weighed in and helped us award this year's top security technologies in 22 categories.

  • October 31, 2014 31 Oct'14

    Browser vendors to disable SSL 3.0 in response to POODLE attack

    The outdated encryption protocol was spotlighted earlier this month when Google researchers released details on the POODLE attack, which preyed on systems that support the SSL 3.0 fallback mechanism.

  • October 31, 2014 31 Oct'14

    Verizon's mobile persistent cookie is more trick than treat

    News roundup: Verizon gave its mobile users an early Halloween trick: a cookie that cannot be erased, despite a number of privacy concerns. Also: compromising an air-gapped computer over the air; an alleged government-funded hack against a CBS ...

  • October 30, 2014 30 Oct'14

    CurrentC breach raises questions about mobile-payment security

    CurrentC, the retailer-backed mobile-payment platform, admitted to the breach shortly after the Apple Pay competitor was blamed for shutting down other NFC-based payment options.

  • October 29, 2014 29 Oct'14

    McAfee security products to gain integrated threat intelligence feeds

    Customers and partners like the new effort by the Intel-owned security vendor to integrate threat intelligence feeds with all of its existing products, but analysts are leery of lacking threat intelligence standards.

  • October 29, 2014 29 Oct'14

    White House hack confirmed; state-affiliated actors suspected

    State-affiliated actors, possibly tied to the Russian government, are thought to be behind a newly confirmed breach of the White House's unclassified computer network.

  • October 27, 2014 27 Oct'14

    Research finds more organizations use big data analytics for security

    Research from Nemertes shows an increasing percentage of enterprises are utilizing big data analytics for security as traditional defenses fail to hold off attackers.

  • October 24, 2014 24 Oct'14

    Symantec pcAnywhere end-of-life highlights Big Yellow's many stumbles

    News roundup: As the trouble-ridden pcAnywhere's end-of-life nears, it highlights how Symantec snatched defeat from the jaws of victory. Plus: F-Secure raises the bar on privacy policy; Lifehacker breaking bad during Evil Week; and Americans fear ID...