• August 17, 2016 17 Aug'16

    Windows Bash could open the door to more Linux-based attacks

    Will Windows 10's new native version of the Ubuntu Linux command line, Windows Bash, enable new attack vectors? Experts weigh in on Windows Subsystem for Linux.

  • August 16, 2016 16 Aug'16

    New Vawtrak Trojan variant leverages SSL pinning, HTTPS

    Fidelis Cybersecurity reports notorious Vawtrak banking Trojan gets upgrades to increase security and evade detection, including SSL pinning and domain generation algorithm.

  • August 16, 2016 16 Aug'16

    Equation Group cyberweapons auctioned off; WikiLeaks promises release

    Cyberweapons purportedly stolen from the NSA-linked Equation Group have been put up for auction; WikiLeaks promises it will publish a 'pristine copy in due course.'

  • August 15, 2016 15 Aug'16

    DNC forms cybersecurity advisory board after breach

    Following an embarrassing data breach, the Democratic National Committee has formed a cybersecurity advisory board, but experts have questioned the pedigree of board members.

  • August 15, 2016 15 Aug'16

    Windows Secure Boot broken after Microsoft leaks golden key

    Microsoft accidentally released the golden key for Windows Secure Boot, causing a serious security issue for the company despite putting only less popular devices at risk.

  • Sponsored News

    • The Key to Better DevOps Is in Your Data

      DevOps is a buzzword right now for good reason—it can deliver significant benefits. The 2016 State of DevOps Report, which surveyed 1,400 IT professionals around the world, paints a picture of high-performing IT development organizations: those with multiple code deployments per day and less than one-hour lead time between code fixes and production deployment. See More

    • How to: Protecting Your Data in the Cloud

      Your data is your company’s most valuable asset. Whether that’s system configurations, customer information, intellectual property, email or other communications, you need to put steps in place to protect it and establish processes to recover it in the event of a loss or some other incident. See More

    • Got Containers? You’ll Need a Way to Monitor Them

      The use of containers is growing rapidly. In a June 2016 survey conducted by Cloud Foundry and ClearPath Strategies, 64% of respondents said they plan to mainstream the use of containers in the next year. As the use of containers proliferates, it is essential to address monitoring to improve the performance, usage and troubleshooting of containers. However, effective monitoring requires an analytics-driven approach that not only informs developers and operations of what’s happening, but also offers those teams the ability to dig into their container usage and performance data to gain actionable insight. See More

    • Cloud-Based Disaster Recovery

      Our world has become increasingly complex. In the past, the most likely cause of system downtime was either equipment failure or a power outage. Today, there are new threats to your business operations, including data breaches, ransomware and other malicious activities. See More

    View All Sponsored News
  • August 12, 2016 12 Aug'16

    White House aims to secure open source government programs

    The White House unveils a new open source government policy and new research estimates the government's zero-day exploit stockpile to be smaller than expected.

  • August 11, 2016 11 Aug'16

    Risk & Repeat: Highlights and lowlights from Black Hat 2016

    In this Risk & Repeat podcast, SearchSecurity editors discuss the good and bad news from Black Hat 2016 in Las Vegas, including critical flaws in web protocols.

  • August 09, 2016 09 Aug'16

    Browser vulnerabilities, Office flaws lead August 2016 Patch Tuesday

    Microsoft's August 2016 Patch Tuesday focuses on critical browser vulnerabilities in Edge and Internet Explorer, as well as flaws with Microsoft Office and PDF Library.

  • August 09, 2016 09 Aug'16

    More DDoS DNS amplification attacks use SSDP than NTP

    Black Hat: New research finds DDoS DNS amplification attacks are more likely to use SSDP than NTP and DDoS attacks may generally be smaller than reported.

  • August 09, 2016 09 Aug'16

    Bluetooth LE security hit with GATTack at Black Hat

    Amid varying attacks targeting IoT devices at Black Hat 2016, a new software proxy offered leverage against the latest Bluetooth LE security protections.

  • August 09, 2016 09 Aug'16

    Oracle MICROS breached, password reset recommended

    Oracle's MICROS PoS systems breached, possibly by Carbanak cybergang; Oracle issues mandatory password reset for customers.

  • August 05, 2016 05 Aug'16

    Security of HTTP/2 protocol takes big hit at Black Hat 2016

    Black Hat researchers report flaws in key web protocols, demonstrating widespread flaws in HTTP/2 implementations; Banner Health announces breach affecting 3.7 million.

  • August 05, 2016 05 Aug'16

    Apple starting its own bug bounty program with big rewards

    Apple will be starting a bug bounty program for researchers who find critical vulnerabilities in iOS or iCloud and offer big rewards.

  • August 05, 2016 05 Aug'16

    Government data requests have little legal backing say experts

    Experts find law enforcement data requests have little legal support and suggest enterprises use independent judgment when deciding whether to comply or push back.

  • August 04, 2016 04 Aug'16

    EMV cards, PIN pads vulnerable to man in the middle attacks

    Researchers at Black Hat 2016 poked holes in chip and PIN security by demonstrating simple attacks that can intercept EMV card transaction data, including CVV codes and PINs.