- January 08, 2016
- January 07, 2016
Researchers have found a new way to exploit an MD5 vulnerability to put users at risk, and experts say this is all the more reason to move faster in transitioning to SHA-256.
- January 06, 2016
Silent Circle has patched a critical modem vulnerability in its first-generation Blackphone to prevent phone hijacking by attackers.
- January 04, 2016
Russia-based threat actors were accused of attacking media outlets and electric companies in Ukraine using BlackEnergy malware.
- December 31, 2015
News roundup: China passes anti-terror law requiring tech firms' help on surveillance, while new analysis of North Korea's Red Star OS shows different approach to cybersecurity.
Sponsored by Palo Alto - Although threat intelligence platforms have been used for years by elite threat research teams at cybersecurity solutions vendors and consulting firms, they have only recently become commercially available as services. This article offers some advice on selecting a service that fits your enterprise, and specifies four features that you should seek out. See More
Sponsored by Dell - As the global business environment becomes more complex, IT departments must quickly figure out how to interact with, deliver and analyze the deluge of data from an ever-growing number of sources. For many organizations, harnessing the competitive power of the large data sets stored in their environments—known as big data—is leading the business strategy. See More
Sponsored by Palo Alto - In this article we explore a case study: How Unit 42, Palo Alto Network’s threat intelligence and research team, used the AutoFocus threat intelligence service to detect and analyze the Escelar banking Trojan. See More
Sponsored by Dell - For IT managers under pressure to improve security while streamlining costs and resources, the decision to adopt cloud-based applications such as Office 365 is easy. Unfortunately, the transition from on-premises Active Directory to cloud-based Microsoft Azure Active Directory (Azure AD) or a hybrid solution may not be as easy as it would seem. Even those already operating in the cloud could benefit by optimizing their environments. See More
- December 30, 2015
Just weeks after its biggest security update of the year, Adobe issued emergency patches for a new round of Flash bugs, including one already being exploited by attackers.
- December 29, 2015
A mysterious voter database containing 191 million voter registration records found last week was online for over a week, with few clues as to who is responsible.
- December 23, 2015
Increasing desire to be rid of SHA-1-signed certificates causes Google to join Microsoft, Mozilla in a likely acceleration of Chrome SHA-1 deprecation by six months.
- December 23, 2015
Juniper firewalls are reportedly vulnerable to two serious backdoors, and the NSA may be at least indirectly responsible for one that exposes VPN data.
- December 22, 2015
The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.
- December 18, 2015
News roundup: As EU's Global Data Protection Regulation advances, businesses anticipate higher penalties and compliance costs. Also, malware roundup.
- December 18, 2015
The Cybersecurity Information Sharing Act passed after being added to the emergency budget omnibus bill, but critics warned the privacy protections have been stripped out.
- December 17, 2015
Strong encryption and encryption backdoors have become hot topics in the world of lawmakers and politicians, but security experts said those people don't understand the problem.
- December 15, 2015
A new blog post detailed authentication vulnerabilities in Microsoft Kerberos that cannot be patched and could lead to attackers having free rein over systems.
- December 14, 2015
Symantec announced it will retire one of its root certificates because it was based on older security, and Google made sure users knew the risks.