• October 09, 2015 09 Oct'15

    Safe Harbor agreement invalid: Privacy win or enterprise woe?

    News roundup: The EU Court has invalidated the Safe Harbor agreement, leaving companies scrambling to deal with overseas data transfers securely. Plus: SHA-1 collision attack; NIST email security initiatives; worry over cyberthreats.

  • October 09, 2015 09 Oct'15

    Vigilante Team White hackers admit to infecting 300,000 devices

    Team White hackers have taken credit for infecting more than 300,000 devices with the Wifatch malware designed to harden security, but experts still question the team's vigilante actions.

  • October 08, 2015 08 Oct'15

    Cybercrime costs rising, experts say application layer needs budget

    Two separate reports noted that cybercrime costs are significant. Some experts said reallocating budget resources to application layer security may be the answer.

  • October 06, 2015 06 Oct'15

    New YiSpecter iOS malware affects non-jailbroken devices

    Malicious actors have found new ways to attack non-jailbroken iOS devices, but experts say the YiSpecter iOS malware may not be as dangerous as it sounds.

  • October 02, 2015 02 Oct'15

    Router malware may be white hat security vigilantism

    An unknown source is infecting thousands of routers with malware not to intentionally cause harm, but apparently as an act of white hat security vigilantism to make the routers safer.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • October 02, 2015 02 Oct'15

    As EMV adoption lags, industry remains optimistic

    News roundup: Despite a low adoption rate going into the liability shift, many in the industry are optimistic about the future of EMV use. Plus: TrueCrypt flaws; AWS crypto keys stolen; women in infosec.

  • October 01, 2015 01 Oct'15

    Android Stagefright 2.0 affects all 1.4 billion Android devices

    The Android Stagefright vulnerability has been updated to version 2.0, as the original researcher found the flaw in all versions of Android released to date. Google has promised a fix within days.

  • October 01, 2015 01 Oct'15

    Study claims enterprise vulnerability remediation can take 120 days

    A new study has found that although flaws are most likely to be exploited within 60 days of discovery, companies can take between 100 and 120 days for vulnerability remediation.

  • October 01, 2015 01 Oct'15

    The EMV liability shift date is here, now what?

    The Oct. 1, 2015 deadline for EMV liability has arrived, though merchants and retailers alike aren't ready for the change.

  • September 25, 2015 25 Sep'15

    Google Project Zero reports more Kaspersky software vulnerabilities

    Kaspersky Lab has fixed some of the vulnerabilities in its antivirus products, but a new report from Google Project Zero reveals there's more work to be done.

  • September 25, 2015 25 Sep'15

    OPM breach widens to 5.6 million fingerprint records

    News roundup: More fingerprint records were stolen during the OPM breach than originally reported. Plus: the $1 million iOS bounty; DHS CISO calls for harsher phishing policies; Safe Harbor in hot water.

  • September 23, 2015 23 Sep'15

    FBI CISO warns of IoT data breaches

    In a keynote address, FBI CISO Arlette Hart tackled the Internet of Things and explained why enterprises need to step up their IoT security efforts.

  • September 23, 2015 23 Sep'15

    As the CIA enters the picture, iOS malware count up to 4,000

    The largest incident of iOS malware found in the Apple App Store has grown exponentially, as researchers find more than 4,000 apps infected. And the attackers may have been inspired by CIA techniques.

  • September 22, 2015 22 Sep'15

    Internal report on Target data breach reveals glaring security holes

    An internal report on Target's breach, obtained by security reporter Brian Krebs, shows the retailer suffered from major security flaws.

  • September 22, 2015 22 Sep'15

    Certificate Transparency catches bad digital certificates from Symantec

    Symantec testers created unauthorized Extended Validation certificates, but the bad certificates were caught by the Certificate Transparency log.