April 2016
-
April 29, 2016
Apple/FBI battle continues over iPhone vulnerabilities
More fallout from the Apple/FBI conflict: The second iPhone suit was dropped; the FBI can't provide details of a tool used to unlock the San Bernardino shooter's phone.
-
April 28, 2016
PCI DSS 3.2 focuses on encryption and multifactor authentication
PCI DSS 3.2 marks the start of refining the payment data regulations, rather than minor changes, and includes requirements to strengthen encryption and multifactor authentication.
-
April 27, 2016
What should candidates expect in interviews for CISO jobs?
When candidates prepare for a CISO job interview, they should know the answer to 12 specific questions. Expert Mike O. Villegas reviews the questions.
-
April 26, 2016
Verizon DBIR 2016 shows we haven't learned how to improve security
The 2016 Verizon DBIR skimps on data breach analysis and instead focuses on common issues, such as phishing, vulnerability management and access controls, which are still befuddling IT pros.
-
April 26, 2016
Simple, yet undetectable Windows AppLocker bypass discovered
A Windows command-line utility dating back to XP, Regsvr32, reportedly enables a simple and virtually undetectable Windows AppLocker whitelist bypass.
-
April 26, 2016
How can Vonteera adware be prevented from disabling antimalware?
Vonteera adware has the ability to disable antimalware software on endpoint devices. Expert Nick Lewis explains how enterprises can prevent this attack.
-
April 26, 2016
Why a cap-less cybersecurity budget could harm security
An unlimited cybersecurity budget may sound like a dream, but in reality it could do more harm than good for an enterprise. Expert Mike O. Villegas explains.
-
April 25, 2016
ModPOS: How can enterprises defend against POS malware?
ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and what can be done to stop it.
-
April 25, 2016
Software-defined network security: A 'no-touch' approach
One way to achieve software-defined network security is to implement a no-touch approach to networking administration. Learn how it can be done, and what needs to change before it’s possible.
-
April 25, 2016
Can credit card hacking be stopped with Chip and PIN alone?
Amex cards have been discovered to be vulnerable to credit card hacking. Expert Nick Lewis explains how this happens, and what can be done about Chip and PIN security.
-
April 25, 2016
Choosing secure file transfer products for your enterprise
Are you concerned about file transfer security? Expert Karen Scarfone discusses the best products for transporting files while maintaining their confidentiality.
-
April 22, 2016
'Going dark' battle moves to Congressional encryption hearing
Experts face off in Congress over 'going dark' encryption debate, stake out positions on security, privacy and government access; polls show support for strong encryption.
-
April 21, 2016
Oracle patches now more critically rated with CVSS 3.0
Oracle patches 136 security flaws in various products and a number of vulnerabilities were rated more critical because of a switch to CVSS 3.0.
-
April 21, 2016
How to buy the best SSL for your enterprise
To choose the best SSL for your enterprise, you need to stay up to date on SSL/TLS encryption developments. Learn why SSL/TLS remains a vital technology and how to determine the approach that will work best for your company.
-
April 21, 2016
How does the banking Trojan Dyreza exploit Windows 10?
A variant of banking Trojan Dyreza has begun to target Windows 10. Expert Nick Lewis explains the new attack functionalities, and Windows 10 and user vulnerabilities.
-
April 21, 2016
Breaking down the DROWN attack and SSLv2 vulnerability
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.
-
April 21, 2016
JBoss vulnerability highlights dangers of unpatched systems
Up to 3.2 million servers with an unpatched JBoss vulnerability from 2010 are open to spreading ransomware through networks; experts urge keeping up with software patches to stay safe.
-
April 21, 2016
Google's second Android Security Report is a mixed bag
The second annual Android Security Report details a number of ways Google has been working to improve security on its mobile platform but also highlights persistent problems.
-
April 21, 2016
Find the security advantage in SDN
The implications of software-defined networking (SDN) are still being sorted out. Still, there is little doubt that this approach brings sweeping changes throughout the IT infrastructure and the way it is managed.
Decoupling network ...
-
April 20, 2016
How did remote access Trojan GlassRAT evade detection?
A remote administration tool like GlassRAT can go undetected for long periods of time. Expert Nick Lewis uncovers how this type of malware works and affects corporations.