• October 17, 2014 17 Oct'14

    Ponemon research: Cost of a breach rising, U.S. hit hardest

    News roundup: New research shows a dramatic increase in the cost of cybercrime and data breach remediation. Plus: Security as a service popularity surges, Snowden journalist touts the importance of free security software, and more.

  • October 15, 2014 15 Oct'14

    Remembering Shon Harris: Logical Security founder passes away

    Shon Harris, founder and CEO of Logical Security and recognized security certification training expert, died Oct. 8, 2014, after a long illness. SearchSecurity pays tribute to her contributions to the information security field.

  • October 10, 2014 10 Oct'14

    Analysis: Symantec split was a long time coming

    The long-anticipated Symantec split will leave one company focused entirely on security, but experts caution that it's just the first step in fixing the many problems in Big Yellow's product lines.

  • October 10, 2014 10 Oct'14

    Are offensive hacking courses ethical? Debating the ethics of hacking

    News roundup: Colleges across the country are offering courses in offensive hacking, but are they ethical? Plus: Why the first 'online murder' may happen in 2014; Palo Alto and NSS Labs make up; numerous Android security issues surface.

  • October 08, 2014 08 Oct'14

    More Bash security flaws emerge; Yahoo says attack was not related

    Yahoo says a reported attack was not the result of a Shellshock exploit, but researchers have found new vulnerabilities in SSH key-management and network-attached storage systems.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • October 07, 2014 07 Oct'14

    IT security salary survey shows steady pay, rising budgets

    While demand for qualified security professionals may be outpacing supply, the 2014 TechTarget IT Salary Survey shows little change in security pros' compensation levels.

  • October 03, 2014 03 Oct'14

    Palo Alto NGFW fails NSS Labs report, war of words ensues

    News roundup: Palo Alto's next-generation firewall fared poorly in a recent NSS Labs report, leading to a testy back-and-forth about NGFW testing. Plus: Mitnick selling zero days; EMET bypassed, again; iThemes stored plaintext passwords.

  • October 03, 2014 03 Oct'14

    Open-source security model undermined by lack of resources

    Shellshock and Heartbleed showed how flawed even ubiquitous open-source software components can be, but experts say that doesn't necessarily mean the open-source security model is to blame.

  • October 02, 2014 02 Oct'14

    PCI 3.0 changes: A PCI compliance requirements checklist for 2015

    In this presentation, compliance expert Nancy Rodriguez offers a line-by-line review of the key PCI DSS changes that become mandatory as of Jan. 1, 2015.

  • October 01, 2014 01 Oct'14

    Zeus malware is back with a new target: Mobile devices

    Zeus malware is back with a new target -- mobile devices. Expert Nick Lewis explains how Zeus-in-the-mobile differs from traditional Zeus and how to defend against it.

  • September 29, 2014 29 Sep'14

    Malvertising problem to worsen as attacks become more sophisticated

    Malvertising is already being used by attackers as a delivery mechanism for exploit kits, and new research reveals the problem is likely to get worse, specifically in the form of malicious Flash banners.

  • September 26, 2014 26 Sep'14

    Attackers already targeting Bash security vulnerability

    Exploits are already being written and rewritten for the 'Shellshock' Bash security vulnerability, which was announced just days ago, increasing the urgency for enterprises to remediate it quickly.

  • September 26, 2014 26 Sep'14

    Bash bug creates wave of shell security concerns on social media

    News roundup: The revelation that the Bash bug could be the worst worm outbreak in more than a decade started a frenzy on social media. Plus: a 'Kyle and Stan' malvertising update; GM ups auto cybersecurity; two data breaches; and more.

  • September 25, 2014 25 Sep'14

    On Shellshock Bash vulnerability, experts scramble amid active exploits

    As attackers begin exploiting the 'Shellshock' Bash vulnerability, experts say many attack vectors remain unknown, making immediate remediation extremely critical.

  • September 25, 2014 25 Sep'14

    In Heartbleed's wake, Bash shell flaw puts Linux, Mac OS users at risk

    Experts say a 20-year-old vulnerability uncovered in the Bash shell, found in Unix-based operating systems including Linux and Mac OS, could lead to a dangerous worm outbreak unlike anything seen in more than a decade.