January 2017
-
January 17, 2017
17
Jan'17
How does USBee turn USB storage devices into covert channels?
USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack. Continue Reading
-
January 17, 2017
17
Jan'17
Stop app attacks with a web application firewall
Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF. Continue Reading
-
January 17, 2017
17
Jan'17
Managing vulnerable software: Using data to mitigate the biggest risks
Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them. Continue Reading
-
January 16, 2017
16
Jan'17
How do man-in-the-middle attacks on PIN pads expose credit card data?
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks. Continue Reading
-
January 16, 2017
16
Jan'17
security
Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats. Continue Reading
-
January 13, 2017
13
Jan'17
Microsoft privacy tools give users control over data collection
New Microsoft privacy tools will give users control over the data collected on the web and within Windows. Experts hope the tools will offer data privacy transparency. Continue Reading
-
January 13, 2017
13
Jan'17
St. Jude Medical finally patches vulnerable medical IoT devices
News roundup: St. Jude Medical patches vulnerable medical IoT devices after a five-month controversy. Plus, the Email Privacy Act is reintroduced; Juniper warns of a firewall flaw; and more. Continue Reading
-
January 12, 2017
12
Jan'17
Google Cloud KMS simplifies the key management service, but lacks features
Experts are impressed with the simplicity of Google's Cloud KMS even if it doesn't separate itself from the key management service competition. Continue Reading
-
January 12, 2017
12
Jan'17
What effect does FITARA have on U.S. government cybersecurity?
FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
-
January 12, 2017
12
Jan'17
Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT
In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
-
January 11, 2017
11
Jan'17
Insider threat detection tools that sniff out dangers from within
Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies. Continue Reading
-
January 11, 2017
11
Jan'17
Tackle IT threats that originate inside your company
IT threats are tough to tackle when they originate from within your business. This technical guide considers that issue and offers ways to deal with insider security threats. Continue Reading
-
January 11, 2017
11
Jan'17
Are bug bounty programs secure enough for enterprise use?
The use of bug bounty programs in enterprises is growing, but they aren't risk free. Expert Mike O. Villegas discusses some concerns related to bug bounties. Continue Reading
-
January 11, 2017
11
Jan'17
Insecure MongoDB configuration leads to boom in ransom attacks
Poor authentication in MongoDB configurations has led to a sharp increase in ransom attacks, and experts say tens of thousands of databases could be at risk. Continue Reading
-
January 10, 2017
10
Jan'17
January Patch Tuesday sparse before Windows security updates change
Microsoft offers up a meager January 2017 Patch Tuesday release before bigger changes planned for Windows security update announcements, which are set to take effect in February. Continue Reading
-
January 10, 2017
10
Jan'17
Insider Edition: Attaining security for IoT, through discovery, identity and testing
Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second ... Continue Reading
-
January 10, 2017
10
Jan'17
How to maintain digital privacy in an evolving world
Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data. Continue Reading
-
January 10, 2017
10
Jan'17
What are the potential pros and cons of a Cyber National Guard?
A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
-
January 10, 2017
10
Jan'17
Privileged access management and security in the enterprise
This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
-
January 09, 2017
09
Jan'17
Git repos hide secret keys, rooted out by Truffle Hog
Truffle Hog utility roots out and detects text blobs with enough entropy to be secret keys -- even those buried deep in old Git repositories -- to prevent exploits. Continue Reading