• October 02, 2015 02 Oct'15

    Router malware may be white hat security vigilantism

    An unknown source is infecting thousands of routers with malware not to intentionally cause harm, but apparently as an act of white hat security vigilantism to make the routers safer.

  • October 02, 2015 02 Oct'15

    As EMV adoption lags, industry remains optimistic

    News roundup: Despite a low adoption rate going into the liability shift, many in the industry are optimistic about the future of EMV use. Plus: TrueCrypt flaws; AWS crypto keys stolen; women in infosec.

  • October 01, 2015 01 Oct'15

    Android Stagefright 2.0 affects all 1.4 billion Android devices

    The Android Stagefright vulnerability has been updated to version 2.0, as the original researcher found the flaw in all versions of Android released to date. Google has promised a fix within days.

  • October 01, 2015 01 Oct'15

    Study claims enterprise vulnerability remediation can take 120 days

    A new study has found that although flaws are most likely to be exploited within 60 days of discovery, companies can take between 100 and 120 days for vulnerability remediation.

  • October 01, 2015 01 Oct'15

    The EMV liability shift date is here, now what?

    The Oct. 1, 2015 deadline for EMV liability has arrived, though merchants and retailers alike aren't ready for the change.

  • Sponsored News

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • Is Your Active Directory Cloud Ready?

      Many companies today are considering a move to the cloud. Organizations may believe that a hosted service, such as Office 365, will be easier and or cheaper to maintain than on-prem email. Also, Microsoft and other industry leaders may have influenced a move. Whatever the reason, moving to the cloud isn’t as easy as it appears and results are often mixed if you haven’t adequately prepared your Active Directory. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    • Examining the Active Directory’s Role in Governance, Risk, and Compliance

      When it comes to governance and compliance, much of the IT staff’s effort is often focused on individual systems. Administrators work meticulously to ensure that mail servers, file servers, database servers, and other resources adhere to both internal security standards and regulatory requirements. The one thing that each of these systems has in common however, is its reliance on Active Directory. First introduced in 2000 as a replacement to the Windows NT domain structure, Active Directory was originally designed to manage network resources. Now, Active Directory works as a centralized authentication and access control mechanism, and consequently plays a vital role in the organization’s overall security. See More

    View All Sponsored News
  • September 25, 2015 25 Sep'15

    Google Project Zero reports more Kaspersky software vulnerabilities

    Kaspersky Lab has fixed some of the vulnerabilities in its antivirus products, but a new report from Google Project Zero reveals there's more work to be done.

  • September 25, 2015 25 Sep'15

    OPM breach widens to 5.6 million fingerprint records

    News roundup: More fingerprint records were stolen during the OPM breach than originally reported. Plus: the $1 million iOS bounty; DHS CISO calls for harsher phishing policies; Safe Harbor in hot water.

  • September 23, 2015 23 Sep'15

    FBI CISO warns of IoT data breaches

    In a keynote address, FBI CISO Arlette Hart tackled the Internet of Things and explained why enterprises need to step up their IoT security efforts.

  • September 23, 2015 23 Sep'15

    As the CIA enters the picture, iOS malware count up to 4,000

    The largest incident of iOS malware found in the Apple App Store has grown exponentially, as researchers find more than 4,000 apps infected. And the attackers may have been inspired by CIA techniques.

  • September 22, 2015 22 Sep'15

    Internal report on Target data breach reveals glaring security holes

    An internal report on Target's breach, obtained by security reporter Brian Krebs, shows the retailer suffered from major security flaws.

  • September 22, 2015 22 Sep'15

    Certificate Transparency catches bad digital certificates from Symantec

    Symantec testers created unauthorized Extended Validation certificates, but the bad certificates were caught by the Certificate Transparency log.

  • September 21, 2015 21 Sep'15

    Google wants sites to disable SSLv3 to boost Web security

    Google is trying to drag Web security into 2008 by asking sites to disable SSLv3 and RC4, and setting a minimum transfer security protocol of TLS 1.2.

  • September 21, 2015 21 Sep'15

    App Store iOS malware found after first large-scale attack

    For the first time, a large amount of iOS malware has made it past Apple's App Store security controls, potentially affecting hundreds of millions of users.

  • September 18, 2015 18 Sep'15

    Cisco router malware in the wild more widespread than first believed

    News roundup: Additional research shows a Cisco router implant affects more devices than originally reported. Plus: Let's Encrypt's first cert issued; Tor in the library; the mitigated (but not fixed) iOS AirDrop vulnerability.

  • September 18, 2015 18 Sep'15

    DHS audit details cyber mission failures and future efforts

    An internal audit of the U.S. Department of Homeland Security has been completed, detailing areas where its cyber mission has failed and what plans are in place to make improvements.