Hailed by card brands as the cure to payment card fraud, Chip and PIN security technology will take years to deploy and has already proven vulnerable.
18 Jul 2014 CSA releases new Cloud Controls Matrix and CAIQ standards (SearchCloudSecurity.com)
The Cloud Security Alliance has updated its Cloud Controls Matrix (CCM) and Consensus Assessments Questionnaire (CAIQ) to help enterprises standardize cloud provider security assessments.
With another round of patches for several serious Java flaws, Oracle's quarterly CPU showed that Java security problems are not receding.
Apple expands 2FA feature to boost security (ComputerWeekly.com)
Apple has expanded two-factor authentication for all its services to 48 more countries, bringing the total to 59
New Ponemon Institute data shows enterprise executives rarely if ever talk with their security teams, and that threat modeling may be underused.
16 Jul 2014 Total internet failure: are you prepared? (ComputerWeekly.com)
A total internet failure could stop any business in its tracks, yet few are preparing for this possibility, KPMG has warned
New data law a serious expansion of surveillance, say law experts (ComputerWeekly.com)
The emergency surveillance legislation being rushed through parliament could be in breach of European law, 15 technology law experts have warned
Despite what may be a dangerous new Active Directory "pass the hash" attack variant, Microsoft has downplayed the issue as a technical limitation.
Verizon unveils cloud-based WAF (SearchCloudSecurity.com)
Verizon bolstered its cloud security presence with a new web application firewall. The cloud-based WAF puts the telecom giant in the growing cloud firewall market with Akamai, Imperva and others.
Old AWS API key led to search provider's cloud security breach (SearchCloudSecurity.com)
Exclusive: The co-founder of One More Cloud explains how an old AWS API key was used to take down the company's services, and the hard lessons learned.
14 Jul 2014 Cloud malware analysis a must-have for advanced threat protection (SearchCloudSecurity.com)
Cloud-based malware analysis is becoming a must-have feature for both established and upstart advanced threat protection vendors.
Info sharing key to cyber defence, says financial services firm (ComputerWeekly.com)
Threat information sharing is key to success in combating cyber attacks, says the Depository Trust and Clearing Corporation
Former CSO Paul Howell details the school's Heartbleed response and how he overcame challenges with assessment, patching and communication.
News roundup: Facebook's manipulation of users' news feeds has reignited the data privacy debate regarding how enterprises should manage user data.
Microsoft's July 2014 Patch Tuesday release addressed two dozen flaws in Internet Explorer. Adobe also provided a critical update for Flash.
Following the collapse of an AWS-based cloud hosting provider, experts say enterprises should prioritize use of multifactor authentication.
Though Oracle has confirmed that Windows XP users will not see Java 8 updates for now, security support for Java 7 is still possible.
Most NSA spy data relates to innocent internet users, report shows (ComputerWeekly.com)
Study shows NSA's internet surveillance collects more data from ordinary internet users than legitimate targets
Top Security Story
Essential Guide: Windows XP security after end of updates for XP SearchSecurity.com | 08 Apr 2014
Learn about security implications of the April 2014 Windows XP end-of-life date and the end of XP security updates, plus planning an XP migration.