- January 06, 2016
Silent Circle has patched a critical modem vulnerability in its first-generation Blackphone to prevent phone hijacking by attackers.
- January 04, 2016
Russia-based threat actors were accused of attacking media outlets and electric companies in Ukraine using BlackEnergy malware.
- December 31, 2015
News roundup: China passes anti-terror law requiring tech firms' help on surveillance, while new analysis of North Korea's Red Star OS shows different approach to cybersecurity.
- December 30, 2015
Just weeks after its biggest security update of the year, Adobe issued emergency patches for a new round of Flash bugs, including one already being exploited by attackers.
- December 29, 2015
A mysterious voter database containing 191 million voter registration records found last week was online for over a week, with few clues as to who is responsible.
Sponsored by Palo Alto - Although threat intelligence platforms have been used for years by elite threat research teams at cybersecurity solutions vendors and consulting firms, they have only recently become commercially available as services. This article offers some advice on selecting a service that fits your enterprise, and specifies four features that you should seek out. See More
Sponsored by Palo Alto - In this article we explore a case study: How Unit 42, Palo Alto Network’s threat intelligence and research team, used the AutoFocus threat intelligence service to detect and analyze the Escelar banking Trojan. See More
Sponsored by Palo Alto - The is a new breed of threat intelligence services but how can enterprise security teams use these capabilities to detect and mitigate targeted threats? See More
Sponsored by Palo Alto - The focus of most cybersecurity organizations has shifted from mass attacks to unique threats that target specific industries, specific software applications or even specific enterprises. In the vast majority of cases, it takes too long to detect, analyze and mitigate these attacks. See More
- December 23, 2015
Increasing desire to be rid of SHA-1-signed certificates causes Google to join Microsoft, Mozilla in a likely acceleration of Chrome SHA-1 deprecation by six months.
- December 23, 2015
Juniper firewalls are reportedly vulnerable to two serious backdoors, and the NSA may be at least indirectly responsible for one that exposes VPN data.
- December 22, 2015
The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.
- December 18, 2015
News roundup: As EU's Global Data Protection Regulation advances, businesses anticipate higher penalties and compliance costs. Also, malware roundup.
- December 18, 2015
The Cybersecurity Information Sharing Act passed after being added to the emergency budget omnibus bill, but critics warned the privacy protections have been stripped out.
- December 17, 2015
Strong encryption and encryption backdoors have become hot topics in the world of lawmakers and politicians, but security experts said those people don't understand the problem.
- December 15, 2015
A new blog post detailed authentication vulnerabilities in Microsoft Kerberos that cannot be patched and could lead to attackers having free rein over systems.
- December 14, 2015
Symantec announced it will retire one of its root certificates because it was based on older security, and Google made sure users knew the risks.
- December 11, 2015
News roundup: Cyber politics in U.S., as leaders attempt to balance access to strong encryption with terror threats. Also: Microsoft's German data centers, SHA-1 deprecation schedule, and more.
- December 10, 2015
FBI Director James Comey is sticking to the message that the FBI doesn't want encryption backdoor legislation, but one senator doesn't expect companies to comply without the legal impetus.