• August 12, 2015 12 Aug'15

    Darkhotel APT found using Hacking Team Flash zero-day in exploits

    The Darkhotel advanced persistent threat group used an Adobe Flash zero-day vulnerability from the Hacking Team data leak, according to Kaspersky research.

  • August 11, 2015 11 Aug'15

    Microsoft Office bug highlights August 2015 Patch Tuesday

    Microsoft's August 2015 Patch Tuesday may not be as packed with danger as a typical release, according to one expert, but does include critical bulletins for Microsoft Office and even one for the new Edge browser.

  • August 07, 2015 07 Aug'15

    ICANN breached, members' encrypted passwords stolen

    News roundup: ICANN confirmed its members' credentials were stolen Wednesday, forcing the nonprofit to enforce a site-wide password reset. Plus: VPN provider being used for APTs; Thunderstrike strikes again; Windows 10 security in its first week.

  • August 07, 2015 07 Aug'15

    Black Hat 2015: Machine learning security must add variety

    Machine learning is better at detecting malware than systems that scan for known signatures. But researchers at Black Hat 2015 say adding a twist widens the performance gap even further.

  • August 07, 2015 07 Aug'15

    Black Hat 2015: Rebuilding IT security after a cyber disaster

    In the wake of a major cyberattack, the process of rebuilding IT security can be daunting, but Christina Kubecka has some tips from her experiences with Saudi Aramco after a massive attack in 2012.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • August 07, 2015 07 Aug'15

    Emerging security trends enterprises should keep an eye on

    Video: KPMG's Ronald Plesco discusses the main emerging security trends -- security analytics, the Internet of Things and virtualization -- and what else is on the horizon for the industry.

  • August 06, 2015 06 Aug'15

    Black Hat 2015 opens with bleak view of Internet freedom

    Legal expert Jennifer Granick kicked off Black Hat 2015 with a warning to conference goers that Internet freedom and openness are dying.

  • August 05, 2015 05 Aug'15

    Security machine learning methods needed to adapt to evolving threats

    Data science can sort through huge data stores in order to find and stop advanced attackers and malware, but new methods are needed to make sure the machine learning keeps up with evolving threats.

  • August 05, 2015 05 Aug'15

    New report sheds light on the growing threat of bulletproof hosting services

    Cybercrime has developed substantially due to bulletproof hosting service efficiency. Trend Micro's report explains how and why these services evade law enforcement officials and remain online.

  • August 04, 2015 04 Aug'15

    Is third-party vendor management the next IAM frontier?

    Identity and access management deployments are notoriously complex. And things are getting worse as legacy technology meets next-generation applications. As the traditional network perimeter continues to disappear, robust IAM becomes more important ...

  • August 03, 2015 03 Aug'15

    Cybersecurity skills shortage demands new workforce strategies

    The race to find InfoSec professionals who can outpace advanced threats has companies worldwide facing hurdles.

  • July 31, 2015 31 Jul'15

    Protests lead to drafting new Wassenaar Arrangement cybersecurity rules

    Major IT companies, such as Black Hat and Google, spoke out against the proposed Wassenaar Arrangement rules for cybersecurity software. And those protests caused the U.S. Department of Commerce to commit to drafting new rules.

  • July 31, 2015 31 Jul'15

    Tor anonymity called into question as alternative browser surfaces

    News roundup: New threats add to the Tor anonymity debate, as a new browser aims to take anonymous browsing to the next level. Plus: Android security outlook is bad -- or is it? Also, another Xen host escape flaw and Wassenaar revisions put on hold.

  • July 31, 2015 31 Jul'15

    Darkode criminal forum reborn less than two weeks after DOJ shutdown

    The recently shutdown Darkode cybercriminal community has been rebuilt, and claims the administrators are intact and security will be tightened to better avoid law enforcement.

  • July 30, 2015 30 Jul'15

    Intel, Cisco pushing for enhanced security communication, integration

    Vendors, such as Intel and Cisco, are hoping to pave the way for a security ecosystem in which applications communicate threat intelligence amongst each other. Will it work?