• March 16, 2016 16 Mar'16

    Java vulnerability report strains responsible disclosure

    A security researcher reports Oracle's 30-month-old failed patch for a Java vulnerability, and experts suggest it was an irresponsible disclosure, despite frustration with Oracle's patching process.

  • March 11, 2016 11 Mar'16

    DROWN attack: TLS under fire again

    News roundup: DROWN attack affects millions of servers with an SSLv2 vulnerability; the Home Depot breach lawsuit settlement is pending; and Chinese smartphone-maker ZTE is sanctioned.

  • March 09, 2016 09 Mar'16

    Crowdsourced vulnerability patching could save us all

    Patching systems can be time-consuming and troublesome, so one expert suggests crowdsourced vulnerability patching to make the process faster and easier.

  • March 08, 2016 08 Mar'16

    March 2016 Patch Tuesday highlights Windows 10 security

    Microsoft's March 2016 Patch Tuesday release has put Windows 10 security on display for good and bad, experts say.

  • March 04, 2016 04 Mar'16

    AI may soon find and patch a software bug automatically

    The cybersecurity industry is getting closer to artificial intelligence that can find and patch software bugs automatically, but that same tech could lead to autonomous hacking.

  • Sponsored News

    • Four Features to Look for in a Threat Intelligence Service

      Although threat intelligence platforms have been used for years by elite threat research teams at cybersecurity solutions vendors and consulting firms, they have only recently become commercially available as services. This article offers some advice on selecting a service that fits your enterprise, and specifies four features that you should seek out. See More

    • Choosing the Right Tools to Harness Big Data

      As the global business environment becomes more complex, IT departments must quickly figure out how to interact with, deliver and analyze the deluge of data from an ever-growing number of sources. For many organizations, harnessing the competitive power of the large data sets stored in their environments—known as big data—is leading the business strategy. See More

    • A Threat Intelligence Service Case Study: The Escelar Trojan

      In this article we explore a case study: How Unit 42, Palo Alto Network’s threat intelligence and research team, used the AutoFocus threat intelligence service to detect and analyze the Escelar banking Trojan. See More

    • Optimize Your Journey to Azure AD

      For IT managers under pressure to improve security while streamlining costs and resources, the decision to adopt cloud-based applications such as Office 365 is easy. Unfortunately, the transition from on-premises Active Directory to cloud-based Microsoft Azure Active Directory (Azure AD) or a hybrid solution may not be as easy as it would seem. Even those already operating in the cloud could benefit by optimizing their environments. See More

    View All Sponsored News
  • March 04, 2016 04 Mar'16

    McCaul pitches encryption commission to solve 'going dark' problem

    Rep. Michael McCaul makes the case for encryption commission legislation as an answer to the 'going dark' problem in the face of global cyberthreats.

  • March 03, 2016 03 Mar'16

    Military-grade security focuses on isolation and action

    Presenters at the RSA Conference 2016 said military-grade security for enterprise networks is possible by taking a zero-tolerance policy to network traffic.

  • March 03, 2016 03 Mar'16

    Cybersecurity checklist a strategy tool for increasing attack costs

    The U.S. Cyber Consequences Unit rolled out a new version of its cybersecurity checklist, which it claims will help reduce attacks by increasing the costs of those attacks.

  • March 03, 2016 03 Mar'16

    Admiral Rogers, chief of U.S. Cyber Command, seeks cooperation

    Private sector cooperation with the government is key to successful protection against cyberthreats, says U.S. Cyber Command chief Michael Rogers in an address to RSA Conference 2016.

  • March 03, 2016 03 Mar'16

    DOD announces 'Hack the Pentagon' bug bounty program

    Defense Secretary Ashton Carter announces the 'Hack the Pentagon' bug bounty program and new Defense Innovation Advisory Board to be headed by Eric Schmidt.

  • March 03, 2016 03 Mar'16

    Government encryption backdoor debate is more nuanced at RSAC

    RSAC panelists had a spirited and nuanced debate about government encryption backdoors, and the topic is more difficult to parse than expected.

  • March 02, 2016 02 Mar'16

    Cybercrime trends point to growing sophistication

    Sophos' James Lyne warns that cybercriminals are becoming more effective, thanks to document-based malware and advanced social engineering techniques.

  • March 02, 2016 02 Mar'16

    Bruce Schneier on IBM grabbing him up with Resilient Systems

    Bruce Schneier chats with SearchSecurity during lunch at RSAC about IBM's plans to acquire Resilient Systems to complete their security offering.

  • March 02, 2016 02 Mar'16

    Diffie, Hellman win Turing Award; cryptography research update

    Diffie, Hellman receive Turing Award and experts review cryptography research, Apple vs. FBI, Juniper backdoors, quantum crypto and the future of cryptography.

  • March 01, 2016 01 Mar'16

    Incident response procedures speed discovery-response time

    Many companies become aware of a security event but take hours or days to perform triage and finally remediate it. Incident response procedures can vary based on the organization, and the type of security incident, which could involve DDoS attacks, ...