• September 19, 2014 19 Sep'14

    Bitcoin exchanges maturing, but Bitcoin security still a concern

    The Bitcoin market is maturing but security issues, such as private key management, persist. The Bitcoin Foundation gives the good news and bad news regarding Bitcoin security.

  • September 19, 2014 19 Sep'14

    Rogue IMSI catchers heighten enterprise cell phone security risks

    News roundup: Rogue cell phone towers are popping up across the United States, heightening enterprise communication and data privacy concerns. Plus: Goodwill breach update; Adobe patches released; and security in 2025.

  • September 19, 2014 19 Sep'14

    Home Depot data breach update: 56 million cards confirmed stolen

    Home Depot said late Thursday that its recent breach involving 56 million payment cards was the result of custom-built malware, and that the company has since rolled out new POS encryption technology.

  • September 17, 2014 17 Sep'14

    Research finds holes in defense-in-depth security model

    The defense-in-depth security model is often touted as a must for enterprises, but research shows that security products often fail to do what they're supposed to.

  • September 17, 2014 17 Sep'14

    Apple rolls out more robust iCloud two-factor authentication

    Following a high-profile leak of celebrity photos, Apple has moved to improve its iCloud two-factor authentication mechanisms.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • September 16, 2014 16 Sep'14

    Programmers unknowingly inherit development framework security issues

    Developers increasingly rely on a variety of open source components, but a VerSprite researcher warns that security issues accompany many popular frameworks.

  • September 15, 2014 15 Sep'14

    Apple Pay security: Hope abounds, but questions linger

    Security controls integrated into the new Apple Pay mobile payment system could strengthen the payment security ecosystem, but unanswered questions remain, like the ramifications of a lost iPhone.

  • September 12, 2014 12 Sep'14

    Situational awareness software raises surveillance questions

    News roundup: City-sponsored situational awareness software use at a music festival illustrates the importance of enterprise surveillance strategy evaluation. Plus: Apache Tomcat upgrade; OpenSSL security policy; and call center security concerns.

  • September 11, 2014 11 Sep'14 breach shows poor website security testing

    Experts say the latest security breach of the website was caused by lacking security process maturity, downplaying the importance of website security testing.

  • September 11, 2014 11 Sep'14

    Time to end women and security stereotypes, says Facebook security pro

    Facebook's director of security operations says women can have successful careers in information security, and more diversity can help shift the playing field toward security defenders rather than attackers.

  • September 09, 2014 09 Sep'14

    September 2014 Patch Tuesday includes critical IE security fix

    Microsoft's September 2014 Patch Tuesday features four bulletins, including one critical update for Internet Explorer. Plus: Adobe releases a Flash fix, but delays a planned patch release for Reader and Acrobat.

  • September 09, 2014 09 Sep'14

    Home Depot confirms data breach began in April

    The home improvement retailer confirms its customers' payment card data was breached in an incident that is believed to have begun in April, likely compromising millions of card accounts.

  • September 09, 2014 09 Sep'14

    Home Depot confirms data breach began in April

    The home improvement retailer confirms its customers' payment card data was breached in an incident that is believed to have begun in April, likely compromising millions of card accounts.

  • September 08, 2014 08 Sep'14

    Heartbleed patch efforts ignored on thousands of websites

    Data from McAfee shows many organizations have yet to fully patch the Heartbleed vulnerability, and as many as 300,000 websites remain at risk.

  • September 05, 2014 05 Sep'14

    Goodwill breach highlights need for service provider due diligence

    News roundup: The recent Goodwill security breach has been blamed on a third-party service provider, highlighting the need for due diligence. Plus: Mobile device theft; Android app vulnerabilities and a 12-year-long cyber-espionage network.