• November 30, 2015 30 Nov'15

    Credit card hack predicts replacement Amex card number

    Samy Kamkar found a weakness in the algorithm American Express uses to generate replacement card information and created a credit card hack as a proof-of-concept.

  • November 24, 2015 24 Nov'15

    Dell fixes root certificate issue reminiscent of Superfish

    Dell issued a fix for a root certificate similar to Superfish that could potentially allow attackers to intercept encrypted private data on its PCs.

  • November 23, 2015 23 Nov'15

    Lessons learned from the Adobe data breach

    Adobe CSO Brad Arkin spoke at the recent Privacy. Security. Risk. 2015 event about his experiences dealing with the company's massive data breach two years ago.

  • November 20, 2015 20 Nov'15

    Safe Harbor framework update in danger of capsizing

    News roundup: Rights groups join critics of Safe Harbor framework update, OPM breach testimony pushback, FBI hiring part of cybersecurity issue for Justice Department. Plus: recycled malware, Microsoft's security push.

  • November 19, 2015 19 Nov'15

    Experts: DNSSEC protocol can't be worse than certificate authorities

    The DNSSEC protocol is a flawed solution to certificate authorities, but experts said any controversy surrounding the potential spying is more misunderstanding than fact.

  • Sponsored News

    • Optimize Your Journey to Azure AD

      For IT managers under pressure to improve security while streamlining costs and resources, the decision to adopt cloud-based applications such as Office 365 is easy. Unfortunately, the transition from on-premises Active Directory to cloud-based Microsoft Azure Active Directory (Azure AD) or a hybrid solution may not be as easy as it would seem. Even those already operating in the cloud could benefit by optimizing their environments. See More

    • RAND Model Quantifies Staying Power of Security Technologies

      When you estimate the ROI of a new security technology, you usually assume that it will provide the same value year after year. But the RAND Corporation has developed a sophisticated new model of the costs and benefits of cybersecurity which has produced a surprising result. See More

    • When It Comes to Security, Protection and Performance Matter

      Malware is becoming more sophisticated and today it's commonly hidden inside a larger file, or encrypted so a firewall device can't decrypt it. Meanwhile, the price of cyberhacking tools is going down, so denial of service attacks, eavesdropping software, and Wi-Fi interception devices are less expensive and more readily available. See More

    • Top 4 Reasons Why Security and Networking Are Coming Together

      Until recently cybersecurity and networking could be treated as separate domains, with different devices, different management tools and different staffs. But that approach won’t fly today. This paper discusses why security needs to be integrated into networking equipment, monitoring and management. See More

    View All Sponsored News
  • November 19, 2015 19 Nov'15

    TechTarget Survey: IT risk management, compliance top tasks

    TechTarget 2015 Annual Salary and Careers Survey: Out of the myriad of security responsibilities for an enterprise, IT risk management and regulatory compliance occupy the most time.

  • November 18, 2015 18 Nov'15

    Going dark: FBI continues effort to bypass encryption

    The FBI's effort to gain access to encrypted devices and data has led to a standoff with technology companies, such as Apple. Here's where the 'going-dark' debate stands.

  • November 13, 2015 13 Nov'15

    FBI accused of paying Carnegie Mellon $1M to hack Tor network

    The Tor Project said that the Carnegie Mellon researchers behind an attack on the hidden service subsystem carried out last year were paid $1 million by the FBI to hack Tor network.

  • November 13, 2015 13 Nov'15

    Java vulnerability caused by unpatched open source library

    News roundup: WebSphere, JBoss, Jenkins and more hit by Java vulnerability in an open source library. Plus, SAP HANA deals with critical vulnerabilities, and more.

  • November 11, 2015 11 Nov'15

    November 2015 Patch Tuesday: Font handling strikes again

    Microsoft's November 2015 Patch Tuesday delivers 12 total bulletins, four of which are critical, and one issue with font handling that angers one expert.

  • November 10, 2015 10 Nov'15

    Bluebox tackles mobile application threats for BYOD

    Bluebox Security unveiled a troubling study on mobile application threats and also introduced a new product to protect consumer apps on employee-owned devices.

  • November 10, 2015 10 Nov'15

    NSA vulnerability disclosure policy balances offense and defense

    The NSA published its vulnerability disclosure policy, which aims to balance intelligence benefits with security, but experts said the policy raises more questions than it answers.

  • November 06, 2015 06 Nov'15

    Bad news for encryption security, PKI certificate revocation

    News roundup: Troubling research on PKI certificate revocation; encryption research finds usability lacking; GnuPG adds features. Plus: More zero-days, xCodeGhost still haunting Apple and more.

  • November 05, 2015 05 Nov'15

    Experts: Cyber liability insurance and lawsuits set to improve security

    Cyber liability insurance claims and lawsuits are expected to rise considerably in the next couple years, and experts believe they will lead to improved security for enterprises and developers.

  • November 03, 2015 03 Nov'15

    CSIP aims to modernize U.S. government cybersecurity

    Experts approve of the Cybersecurity Strategy and Implementation Plan issued by the White House to strengthen government cybersecurity guidelines and practices, but worry about implementation.