igor - Fotolia
Security Bytes
This blog covers topics across the spectrum of security, privacy and compliance, as well as the people and issues driving enterprise infosec today.
Recent Posts
-
FedRAMP security requirements put a premium on automation
- Associate Editorial Director 17 Apr 2018 -
Privacy protections are needed for government overreach, too
- Associate Editorial Director 31 Mar 2018 -
Apple GDPR privacy protection will float everyone's privacy boat
- Site Editor 30 Mar 2018
Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.
Following the Facebook-Cambridge Analytica controversy, major tech companies pledged to defend users from corporate data misuse, but they're ignoring a more serious privacy threat.
With its embrace of new tools for protecting consumer privacy, Apple GDPR privacy protection will be available to all users as the EU's new privacy protection legislation is set to start ...
-
RSA Conference keynotes miss the point of diversity
- Associate Site Editor 27 Mar 2018 -
Facebook's 2FA bug lands social media giant in hot water
- Associate Editorial Director 23 Feb 2018 -
Symantec's untrusted certificates: How many are still in use?
- Associate Editorial Director 08 Feb 2018 -
Blizzard security flaw should put game developers on notice
- Associate Editorial Director 26 Jan 2018 -
The strange case of the 'HP backdoor' in Lenovo switches
- Associate Editorial Director 18 Jan 2018 -
Intel keynote misses the mark on Meltdown and Spectre vulnerabilities
- Associate Editorial Director 09 Jan 2018 -
Official TLS 1.3 release date: Still waiting, and that's OK
- Site Editor 29 Dec 2017
RSA Conference keynotes now include a handful of distinguished women, but very few will be speaking about cybersecurity, falling short of truly equal representation.
Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
A security researcher found that a significant number of popular websites are still using untrusted certificates from Symantec, which will be invalidated this year.
A newly-discovered Blizzard security bug, which affected all of the company's popular PC games including Overwatch, should serve as a warning for the video game industry.
Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry.
With CEO Brian Krzanich's keynote at the 2018 Consumer Electronics Show, Intel missed an opportunity for the Meltdown and Spectre vulnerabilities.
Protocol scrutiny is good for the upcoming TLS 1.3 update as the process continues to expose, and fix, problems.
-
After 2017, data breach fatigue should be a thing of the past
- Associate Editorial Director 28 Dec 2017 -
OWASP Top Ten: Surviving in the cyber wilderness
- Site Editor 07 Dec 2017 -
The CASB market is (nearly) gone but not forgotten
- Associate Editorial Director 30 Nov 2017 -
Uber data breach raises unsettling questions for infosec
- Associate Editorial Director 22 Nov 2017 -
The Equation Group malware mystery: Kaspersky offers an explanation
- Associate Editorial Director 31 Oct 2017
Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings.
The latest version of the OWASP Top Ten web application risks is much like previous versions, and that's not a bad thing at all.
A series of acquisitions have drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come.
The Uber data breach episode is another black eye for the ride sharing company, but the cover up raises troubling implications for the infosec community.
Kaspersky Lab finally explained how it came to possess Equation Group malware, but does the company's latest statement answer enough questions about the ongoing drama?