May 2016

• May 31, 2016 31 May'16

  Defense-in-depth strategy: Growing cyberthreat intelligence

  Cybersecurity defense in depth needs to learn from the military strategy it originated from. Expert Peter Sullivan explains where cybersecurity should not deviate.  Continue Reading

• May 27, 2016 27 May'16

  House Reps tackle Rule 41 to limit government hacking

  US Reps. Poe and Conyers join Sen. Wyden's fight against changes to Rule 41 that would remove limits on government hacking, introduce companion bill to quash changes.  Continue Reading

• May 27, 2016 27 May'16

  'Ingenious' attack mixes memory deduplication with Rowhammer

  Researchers demonstrated an exploit that combines rare attacks on memory deduplication and Rowhammer in order to allow an adversary access to read or write system memory.  Continue Reading

• May 27, 2016 27 May'16

  RSA: Cloud visibility, analytics crucial to enterprises

  RSA's Rashmi Knowles spoke with SearchCloudSecurity about enterprises struggling with security visibility, and how analytics and data science can help.  Continue Reading

• May 26, 2016 26 May'16

  How can an external CISO hire overcome new job challenges?

  An external CISO hire can often struggle with the new role and fitting in with the company's existing security program. Luckily, there are ways to overcome these challenges.  Continue Reading

• May 26, 2016 26 May'16

  Retiring obsolete SHA-1 and RC4 cryptographic algorithms, SSLv3 protocol

  Microsoft speeds deprecation of SHA-1, Google dropping support for RC4, SSLv3, as web software publishers approach end of life for obsolete cryptographic algorithms and protocols.  Continue Reading

• May 26, 2016 26 May'16

  New spec aims to improve DNS privacy with TLS

  In order to stop metadata snooping by law enforcement and hackers, a proposed spec aims to improve DNS privacy with TLS.  Continue Reading

• May 26, 2016 26 May'16

  The best email encryption products: A comprehensive buyer's guide

  Email encryption is a critical component of enterprise security. In this buyer's guide, expert Karen Scarfone breaks down what you need to know to find the best email encryption software for your organization.  Continue Reading

• May 25, 2016 25 May'16

  Are cybersecurity lawyers necessary for organizations?

  Cybersecurity lawyers can help handle a variety of enterprise security issues, but are they necessary? Expert Mike O. Villegas discusses the potential benefits.  Continue Reading

• May 25, 2016 25 May'16

  What do CISO training programs cover and are they worth it?

  CISO training programs, like the Deloitte CISO Transition Lab, are available for those who are new to the role. Expert Mike O. Villegas explains what's covered in these programs.  Continue Reading

• May 25, 2016 25 May'16

  Symantec vulnerability raises big questions for antivirus industry

  SearchSecurity's Risk & Repeat podcast discusses the Symantec vulnerability disclosed by Google Project Zero and what the bug means for the antivirus industry.  Continue Reading

• May 25, 2016 25 May'16

  IAM strategy: Update to work with new technologies

  Your organization needs to make decisions about its IAM strategy in order to keep up with the new technologies its deploying. Steps to take begin at the policy level.  Continue Reading

• May 25, 2016 25 May'16

  Expanding the IAM infrastructure to meet emerging challenges

  Your IAM infrastructure should cut through the 'access excess' that is plaguing most companies. Learn how to overcome the challenges posed by migration to cloud and mobility.  Continue Reading

• May 24, 2016 24 May'16

  Lieu, Hurd school House colleagues on cyberhygiene, defense

  Former computer science majors Lieu and Hurd wrote to their U.S. House of Representatives colleagues, urging improved awareness of cyber risks and cyberhygiene.  Continue Reading

• May 24, 2016 24 May'16

  Paul Vixie on IPv6 NAT, IPv6 security and Internet of Things

  Internet pioneer Paul Vixie spoke with SearchSecurity about IPv6 NAT, IPv6 and the Internet of Things, and the long, thankless path to deploying IPv6.  Continue Reading

• May 24, 2016 24 May'16

  Sorry Mr. Snowden -- encryption isn't the only path to security

  Encryption shouldn't be used to protect people from themselves, especially if it gets in the way of innovation.  Continue Reading

• May 24, 2016 24 May'16

  Android N security updates leave unanswered questions

  Google unveiled the next version of its mobile OS, and Android N security will be improved in a few ways, although Google still can't fix OS updates.  Continue Reading

• May 24, 2016 24 May'16

  Why a federal CISO is necessary for the U.S. government

  President Obama's proposed 2017 budget includes a much bigger focus on cybersecurity and calls for the creation of a federal CISO position. Expert Mike Villegas discusses the role.  Continue Reading

• May 23, 2016 23 May'16

  How does Latentbot use obfuscation in its attacks?

  Latentbot malware has layers of obfuscation that makes it hard to detect. Expert Nick Lewis explains how its process works, beginning with a phishing email, and how to stop it.  Continue Reading

• May 23, 2016 23 May'16

  How does Rekoobe Linux malware spread and avoid detection?

  A hard to detect type of Linux malware, Rekoobe, can download files to user systems. Expert Nick Lewis explains the malware's key functionality and how to mitigate attacks.  Continue Reading