News

News

• May 03, 2017 03 May'17

  Verizon DBIR 2017 loses international contributors

  Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, ...

• May 02, 2017 02 May'17

  NATO cyberwar games show the U.S. needs more practice

  The NATO Locked Shields cyberwar games had the U.S. team winning most improved, but experts say the U.S. still needs more practice.

• May 02, 2017 02 May'17

  Mozilla: Symantec certificate remediation plan not enough

  Mozilla reviews the counterproposal from Symantec and urges the CA giant to opt for Google's recommendation to outsource its certificate activities.

• April 28, 2017 28 Apr'17

  Symantec certificate authority offers counter-proposal to Google

  Symantec certificate authority proposal takes the pain out of sanctions for misissued certs, offers more audits, greater transparency and promise of "continuous improvement."

• April 28, 2017 28 Apr'17

  Verizon DBIR 2017: Basic cybersecurity focus misplaced

  Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017.

• Sponsored News

  • Riding the Wave to Enterprise AI at Scale: The Transformation of Client Solutions

    Sponsored by Dell Technologies - While it’s true that AI is moving rapidly toward universal adoption, it is in the enterprise where AI is having its greatest impact. Enterprise AI certainly is an area of massive resource investment: Research pegs the size of the 2025 global enterprise AI market at $97 billion, growing to an astonishing $229 billion by 2030. All forms of AI—agentic AI, generative AI, machine learning, and predictive AI, to name a few—are transforming how, when, where, and why work is done. See More

  • The “Personal Touch” of AI is Undeniable, Thanks for Impressive Advances in Client Solutions

    Sponsored by Dell Technologies - The trend toward personal—and personalized—artificial intelligence (AI) has swiftly moved from interesting idea to undeniable market transformational catalyst. Research points out that 61% of U.S. adults have used AI in the past six months, with a growing number of those using it daily. This not only is an expected byproduct of widespread AI use in businesses and other enterprises, but the rapidly accelerating number of consumer-oriented use cases. See More

  • The Deepening Impact of “AI Everywhere” is Revolutionizing Client Solutions

    Sponsored by Dell Technologies - Artificial intelligence (AI) has rapidly become the technical development with the most profound impact on how we work, play, live, and interact. Although AI has been around for decades, earlier generations of expert systems, knowledge systems, and decision-support systems pale in comparison to the capabilities of the AI of today…and tomorrow. See More

  View All Sponsored News
• April 28, 2017 28 Apr'17

  Pretexting is a rising threat, according to 2017 Verizon DBIR

  The 2017 Verizon DBIR details threats becoming more popular, like ransomware, and some that are less known, but dangerous, like pretexting.

• April 28, 2017 28 Apr'17

  Still waiting for a cybersecurity executive order from Trump

  News roundup: A cybersecurity executive order overdue, but 'close and nearby.' Plus, the USPTO says it will stop using HTTPS; a teenage hacker sentenced to prison; and more.

• April 28, 2017 28 Apr'17

  Risk & Repeat: More Equation Group cyberweapons leaked

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.

• April 27, 2017 27 Apr'17

  AWS promises to be GDPR compliant by May 2018 deadline

  Amazon promises all AWS cloud services will be GDPR compliant before enforcement of the new EU data privacy regulation starts in 2018, offers customers assistance.

• April 25, 2017 25 Apr'17

  Symantec certificate authority issues, answered

  Google and Mozilla weigh the proper response to Symantec certificate authority issues, as the CA giant prepares an alternative proposal for reinstating trust.

• April 25, 2017 25 Apr'17

  NSA spyware found infecting tens of thousands worldwide

  A new security tool will let users scan their systems for the presence of NSA spyware found in the latest Equation Group leak, and tens of thousands are already infected.

• April 21, 2017 21 Apr'17

  Stuxnet worm flaw still the most exploited after seven years

  Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched.

• April 21, 2017 21 Apr'17

  Hajime worm fights the forces of evil IoT malware, maybe

  News roundup: The Hajime worm is the nicer, sneakier brother of Mirai malware. Plus, the FBI and CIA hunt for the Vault 7 whistleblower, Symantec adds to Zscaler lawsuit, and more.

• April 20, 2017 20 Apr'17

  Oracle patches Apache Struts exploits, Equation Group vulnerability

  There were 299 Oracle patches in the April Critical Patch Update, including a fix for the Apache Struts exploits found in the wild and a vulnerability from the Equation Group dump.

• April 19, 2017 19 Apr'17

  Risk & Repeat: Mozilla joins the Symantec certificate authority debate

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss mounting pressure on the Symantec certificate authority business to provide answers about its practices.

• April 18, 2017 18 Apr'17

  Shadow Brokers' Windows exploits target unsupported systems

  A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk.

• April 14, 2017 14 Apr'17

  Shadow Brokers release SWIFT banking and Windows exploits

  The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system.

• April 14, 2017 14 Apr'17

  DARPA's SSITH program takes aim at hardware vulnerabilities

  News roundup: DARPA's SSITH program tackles hardware vulnerabilities for better security. Plus, new risks placed in OWASP Top 10, SWIFT launches new anti-fraud tool, and more.

• April 13, 2017 13 Apr'17

  U.S. election hacking not an act of cyberwarfare, experts say

  The government needs a better definition for an act of cyberwarfare, says ex-CIA Director Michael Hayden, because he doesn't think the U.S. election hacking applies.

• April 12, 2017 12 Apr'17

  Symantec CA woes debated by browser community

  Compliance with CA/B Forum Baseline Requirements was debated after Symantec CA posted responses to 14 issues raised by Mozilla developers.

• April 12, 2017 12 Apr'17

  Security Update Guide brings growing pains to Patch Tuesday

  Microsoft fundamentally changes how IT pros will consume Patch Tuesday releases with the Security Update Guide and brings fixes for an actively exploited Word zero-day.

• April 11, 2017 11 Apr'17

  CIA Vault 7 tools attributed to hacking group for years

  Security researchers said the CIA Vault 7 tools and techniques are linked to cyberattacks over the past six years targeting various foreign entities.

• April 07, 2017 07 Apr'17

  State Department hack and APT29 prove attacker resilience

  News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more.

• April 07, 2017 07 Apr'17

  Windows 10 telemetry data collection details revealed

  Microsoft exposes Windows 10 telemetry practices just a week before Creators Update; may allay privacy concerns over Windows 10 data collection.

• April 06, 2017 06 Apr'17

  Public/private threat intelligence sharing faces roadblocks

  The U.S. government says it wants to improve threat intelligence sharing between the public and private sectors, but experts are unsure that is possible in the current climate.

• April 06, 2017 06 Apr'17

  Chinese hacking group APT10 linked to global trade target

  Evidence points to Chinese hacking group APT10 conducting economic espionage in the breach of a trade policy group prior to U.S.-China trade summit talks in Florida.

• April 05, 2017 05 Apr'17

  Risk & Repeat: Strong encryption under fire again

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of the encryption debate and what it means for apps that use strong encryption.

• April 05, 2017 05 Apr'17

  Pegasus malware expands from iOS to Android

  One of the more malicious iOS threats -- Pegasus malware -- has made its way to Android devices and it has some dangerous new tricks in its arsenal.

• April 05, 2017 05 Apr'17

  Internet security protocol bodies ISOC, OTA announce merger

  The two leading internet security protocol bodies, Online Trust Alliance and Internet Society, merge to work for improved IoT security and online security.

• April 04, 2017 04 Apr'17

  Symantec certificate authority issues listed by Mozilla developers

  Mozilla developers respond to questionable Symantec certificate authority practices, as the security provider questions Google's proposed solutions.

• March 31, 2017 31 Mar'17

  Risk & Repeat: Google slams Symantec certificates

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Google's proposed plan to distrust Symantec certificates following more allegations of mis-issuance.

• March 31, 2017 31 Mar'17

  EU encryption backdoor options for messaging apps set for June

  Messaging app developers will be offered 'three or four' legislative and non-legislative options for encryption backdoor access for EU law enforcement.

• March 31, 2017 31 Mar'17

  WikiLeaks' false flag attack allegations against CIA unfounded

  Another set of documents from the Vault 7 CIA cache was released by WikiLeaks, but experts say the allegations of false flag attacks are unfounded and dangerous.

• March 31, 2017 31 Mar'17

  Obama-era cyber executive order extended by Trump

  A cyber executive order from the Obama era has been extended by President Trump to allow sanctions placed on cybercriminals who attack the U.S.

• March 31, 2017 31 Mar'17

  HTTPS traffic has yet to surpass HTTP traffic, Fortinet study shows

  News roundup: HTTPS traffic has yet to surge, despite its security benefits, according to a report. Plus, the latest in the Apple extortion; a Mirai attack lasted 54 hours; and more.

• March 30, 2017 30 Mar'17

  Experts debunk strong encryption claims by FBI's Comey

  FBI Director James Comey clearly laid out his views on strong encryption and urged more conversation, but experts say his arguments fall flat and may even be misleading.

• March 30, 2017 30 Mar'17

  Google's Project Zero Prize uncovers zero Android remote exploits

  After six months, Google's Project Zero Prize competition uncovered zero Android remote exploits: no bugs, no prizes, no entries.

• March 29, 2017 29 Mar'17

  Potential SSL API flaw could reveal private keys

  A researcher claims to have found Symantec SSL API issues with extremely dangerous consequences, but a lack of evidence causes confusion.

• March 24, 2017 24 Mar'17

  Encryption debate needs to be nuanced, FBI's Comey says

  FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is a serious attack.

• March 24, 2017 24 Mar'17

  Google considers options on Symantec certificate authority 'failures'

  Symantec certificate authority cries foul, as Google considers severe options following the company allegedly misissuing as many as 30,000 digital certificates.

• March 24, 2017 24 Mar'17

  Cisco issues fix for Vault 7 vulnerability without help from WikiLeaks

  News roundup: Cisco fixes a Vault 7 flaw unaided, despite WikiLeaks' pledge to work with vendors. Plus, LastPass flaws leak user data; Apple held hostage by hackers; and more.

• March 23, 2017 23 Mar'17

  DV certificates abused, but policing may not be possible

  Research shows DV certificates can be a prime target for phishing and malware operators, but experts are unsure how certificate authorities should deal with the issue.

• March 22, 2017 22 Mar'17

  Risk & Repeat: Accused Yahoo hackers indicted

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the indictments of the alleged Yahoo hackers and how the attackers minted Yahoo authentication cookies.

• March 22, 2017 22 Mar'17

  HTTPS interception, middlebox models under fire

  HTTPS interception in security products and services may be reducing security rather than improving it, according to US-CERT, which puts middleboxes in a precarious position.

• March 21, 2017 21 Mar'17

  WikiLeaks' disclosure of CIA hacks comes with requirements

  WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react.

• March 21, 2017 21 Mar'17

  FBI investigating Trump campaign ties to Russia, DNC breach

  FBI Director James Comey confirmed the bureau is investigating the Trump campaign's ties to the Russian government and election cyberattacks such as the DNC breach.

• March 17, 2017 17 Mar'17

  Yahoo fallout: Minted authentication cookies raise concerns

  Although minting authentication cookies is not widely understood, the Yahoo hacker indictments has brought it to the forefront and shown it can be very dangerous.

• March 17, 2017 17 Mar'17

  Will the Yahoo breach indictments be an effective hacker deterrent?

  The Department of Justice indicted suspects in the 2014 Yahoo breach, but experts are unsure if this will prove to be an effective hacker deterrent moving forward.

• March 15, 2017 15 Mar'17

  DOJ indicts suspected Yahoo hackers from Russia; extradition unclear

  The U.S. Department of Justice indicted four men -- including two Russian Federal Security Service officers -- accused of being the Yahoo hackers, but only one person was arrested.

• March 15, 2017 15 Mar'17

  Risk & Repeat: Leak of CIA hacking tools creates confusion

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the confusion around WikiLeaks' release of government documents regarding CIA hacking tools.

• March 14, 2017 14 Mar'17

  Nine critical Windows security bulletins in Patch Tuesday

  After its cancelled February Patch Tuesday, Microsoft's March 2017 Patch Tuesday includes nine critical Windows security bulletins targeting remote code execution flaws.

• March 14, 2017 14 Mar'17

  Is the antivirus industry dead? Experts weigh in

  RSAC 2017: With malware-detecting software increasingly coming under fire for vulnerabilities, find out what the experts had to say about the future of the antivirus industry.

• March 14, 2017 14 Mar'17

  Deprecated SHA-1 certificates trip up SAP Ariba

  SHA-1 certificates are still in play, despite browser deprecation, as SAP Ariba advises legacy users to use unpatched browsers to avoid error messages, blocked access.

• March 14, 2017 14 Mar'17

  Android ransomware and more pre-installed on devices

  Security researchers found Android ransomware and malware pre-installed on popular devices, putting users at risk for information theft, tracking and more.

• March 10, 2017 10 Mar'17

  Report on zero-day vulnerabilities highlights shelf life, overlap

  News roundup: Report on zero-day vulnerabilities questions government stockpiling. Plus, Comey talks encryption and privacy, FCC blocks consumer protection rule, and more.

• March 10, 2017 10 Mar'17

  WikiLeaks vows to disclose CIA hacking tools; CIA to investigate

  WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak.

• March 09, 2017 09 Mar'17

  Operation Rosehub patches Java vulnerabilities in open source projects

  Google employees recently completed Operation Rosehub, a grass roots effort that patches a set of serious Java vulnerabilities in thousands of open source projects.

• March 08, 2017 08 Mar'17

  Responsible vulnerability disclosure lacking by CIA and WikiLeaks

  Experts criticize both WikiLeaks and the CIA for failing responsible vulnerability disclosure around the Vault 7 documents, and question the CIA's use of the VEP.

• March 08, 2017 08 Mar'17

  Vault 7 CIA hacking weapons include iOS, Android and Windows zero days

  WikiLeaks released a massive dump of files it claims to be CIA hacking tools, codenamed Vault 7, which includes iOS and Android zero-day exploits.

• March 06, 2017 06 Mar'17

  FBI chooses to protect Tor vulnerability and dismiss child porn case

  The Department of Justice dropped a child pornography case in order to avoid disclosing a Tor vulnerability; dozens more cases potentially affected.

• March 06, 2017 06 Mar'17

  New cybersecurity report gets the hacker perspective

  A new cybersecurity report used a hacker survey to offer a perspective on IT that can often be overlooked and found there may not be any easy answers.

• March 03, 2017 03 Mar'17

  Slack hack threatened to expose user account data and messages

  News roundup: A researcher discovers a Slack hack through stolen tokens. Plus, another WordPress flaw puts 1 million users at risk; Necurs botnet does DDoS now; and more.

• March 03, 2017 03 Mar'17

  Cloudflare security team calms fears over Cloudbleed bug

  Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain.

• March 02, 2017 02 Mar'17

  Employees knew about Yahoo security breach years ago, per new SEC filing

  A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement.

• February 28, 2017 28 Feb'17

  Edge and IE vulnerability disclosed by Project Zero

  Google Project Zero's 90-day disclosure policy bites Microsoft again, as a zero-day Edge and IE vulnerability is made public before a patch is available.

• February 27, 2017 27 Feb'17

  Chrome backs out of TLS 1.3 support after proxy issues

  After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser.

• February 24, 2017 24 Feb'17

  Experts: Government Vulnerabilities Equities Process should be law

  Experts say codifying the Vulnerabilities Equities Process into law would increase transparency and trust regarding vulnerability disclosure by the government.

• February 24, 2017 24 Feb'17

  RSA Conference 2017: Are software regulations coming for developers?

  Security expert Bruce Schneier said programmers' freedom to code whatever they want will likely come to an end. Should the industry brace itself for software regulations?

• February 24, 2017 24 Feb'17

  Suspect in Mirai malware attack on Deutsche Telekom arrested

  News roundup: U.K. authorities arrested a suspect in the Mirai malware attack on Deutsche Telekom. Plus, a judge denies a government request to collect fingerprints, and more.

• February 24, 2017 24 Feb'17

  Project Zero discovers Cloudflare bug leaking sensitive customer data

  The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords.

• February 23, 2017 23 Feb'17

  SHA-1 deprecation more important after hash officially broken

  SHA-1 deprecation in browsers comes as researchers create hash collisions and Google offers website and developer tools to protect against malicious uses.

• February 22, 2017 22 Feb'17

  Risk & Repeat: RSA Conference 2017 highlights and trends

  In this episode of SearchSecurity's Risk & Repeat podcast, editors recap RSA Conference 2017 and discuss how the show addressed many security problems, but had very few answers.

• February 22, 2017 22 Feb'17

  Understanding of security remediation differs for CISOs, researchers

  One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives.

• February 22, 2017 22 Feb'17

  Microsoft commits to GDPR compliance in the cloud by 2018 deadline

  Microsoft vows GDPR compliance in all cloud services when enforcement of the new EU data privacy regulation begins in May 2018, but companies still must take action to avoid fines.

• February 21, 2017 21 Feb'17

  Google discloses Windows vulnerability after canceled Patch Tuesday

  Google Project Zero discloses a Windows vulnerability that passed the 90-day deadline. And it comes soon after Microsoft canceled its Patch Tuesday release.

• February 21, 2017 21 Feb'17

  Windows 10 privacy issues persist, says EU privacy watchdog

  Windows 10 privacy issues remain as EU's top privacy watchdog group, the Article 29 Working Party, issues a second warning letter to Microsoft to simplify, clarify data collection.

• February 17, 2017 17 Feb'17

  Microsoft Patch Tuesday February release delayed by a month

  News roundup: Microsoft Patch Tuesday was canceled in February without a clear reason. Plus, APT28 is linked to new Mac malware; Lazarus targets more banks and more.

• February 17, 2017 17 Feb'17

  Q&A: Digging into darknet technology with Farsight's Andrew Lewman

  At RSAC, former Tor Project CEO Andrew Lewman explains the latest research into darknet technology and how that tech continues to evolve as an attack vector.

• February 16, 2017 16 Feb'17

  Connected medical devices spark debate at RSA Conference session

  An RSA Conference session on a new attack on connected medical devices led to a spirited debate on vulnerability disclosure and manufacturer responsibility.

• February 16, 2017 16 Feb'17

  Experts debate national cybersecurity policy suggestions at RSAC 2017

  Experts at RSAC 2017 discussed national cybersecurity policy suggestions for the new presidential administration, including what to do about encryption and the DHS mission.

• February 16, 2017 16 Feb'17

  Q&A: Yubico brings FIDO authentication protocol to the masses

  Yubico founder and CEO Stina Ehrensvard spoke with SearchSecurity at RSAC 2017 about FIDO authentication and how Google uses it to secure logins and cut costs.

• February 16, 2017 16 Feb'17

  RSA Conference speakers tackle tech immigration reform, travel ban

  Several speakers made pro-immigration remarks at RSA Conference 2017 and called for tech immigration reform following President Trump's controversial executive order.

• February 15, 2017 15 Feb'17

  Upcoming cybersecurity executive order leaves RSAC experts optimistic

  Experts at RSAC 2017 discussed the upcoming cybersecurity executive order from the new presidential administration and how the NIST Framework strengthens the plan.

• February 15, 2017 15 Feb'17

  Do IoT security risks require new legislation or will standards suffice?

  In a panel discussion about current IoT security risks, experts at RSA Conference 2017 weigh government legislation options against industry self-regulation.

• February 15, 2017 15 Feb'17

  Bruce Schneier: It's time for internet-of-things regulation

  Speaking at RSA Conference 2017, security expert Bruce Schneier called for the creation of a new government agency to oversee internet-of-things regulation.

• February 15, 2017 15 Feb'17

  Christopher Young: Don't sleep on the Mirai botnet

  RSA Conference 2017 was full of talk about future IoT attacks, but Intel Security's Christopher Young said the Mirai botnet is still an enormous threat and demonstrated why that is.

• February 15, 2017 15 Feb'17

  State-sponsored hacking needs to stop, says Congressman McCaul

  Rep. Michael McCaul took a harsh stance on Russian state-sponsored hacking at RSA Conference 2017 and pushed the U.S. government to do more to stop such attacks.

• February 14, 2017 14 Feb'17

  RSA panel covers cryptography trends, elections and more

  Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more.

• February 14, 2017 14 Feb'17

  Microsoft: Nation-state cyberattacks have changed the security game

  Microsoft's Brad Smith spoke at RSA Conference 2017 about the effects of nation-state cyberattacks and what businesses and governments can do about them.

• February 14, 2017 14 Feb'17

  Ramzan advocates collaborative security in RSAC keynote

  Zulfikar Ramzan opens RSA Conference 2017 by reminding enterprises that just as cyberattacks have long-tail repercussions, so too do collaborative security decisions made in business.

• February 14, 2017 14 Feb'17

  RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017

  Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform.

• February 14, 2017 14 Feb'17

  Nation-state cyberattacks rising, warns former NSA director

  Speaking at RSA Conference 2017, former NSA Director Keith Alexander warned of increased nation-state cyberattacks and called for an overhaul of U.S. government cybersecurity.

• February 13, 2017 13 Feb'17

  Ransomware threat continues to evolve, defense needs to catch up

  With the rapid expansion of the ransomware threat landscape, defenders are scrambling to find ways to fight back. RSAC 2017 dedicated a full day for a ransomware seminar.

• February 10, 2017 10 Feb'17

  Trump tells White House cybersecurity officer, 'You're fired'

  Rumors have been confirmed that President Trump has fired the White House cybersecurity officer in charge of making sure he and his staff are not hacked.

• February 10, 2017 10 Feb'17

  Corero: Telecom carriers have fallen behind on DDoS defense

  Corero Network Security's Dave Larson talks with SearchSecurity about how DDoS defense has changed and why telecom service providers have struggled to keep up with new threats.

• February 10, 2017 10 Feb'17

  NSA contractor indicted for stealing elite cyberweapons over 20 years

  The NSA contractor accused of stealing elite cyberweapons over the course of 20 years, but his connection to the Shadow Brokers auction of similar hacking tools is still unclear.

• February 10, 2017 10 Feb'17

  Is the Ticketbleed flaw the new Heartbleed vulnerability?

  News roundup: F5 virtual server flaw, dubbed Ticketbleed, is similar to Heartbleed. Plus, DHS is considering requiring social media passwords on visa applications, and more.

• February 09, 2017 09 Feb'17

  IoT security threat to become real post-Mirai at RSA Conference 2017

  IoT security tops the list of RSA Conference 2017 submissions after IoT devices were abused by threat actors, but the topics experts worry about are much more far-reaching.

• February 08, 2017 08 Feb'17

  Five things to watch at RSA Conference 2017

  With no single trend or theme dominating at RSA Conference 2017, this year's show will still have plenty of material on machine learning, IoT security and much more.

• February 08, 2017 08 Feb'17

  Rapid7's Brown and Beardsley address IoT security issues

  Rapid7's Rebekah Brown and Tod Beardsley talk about IoT security issues, including new cars, blaming users for poor implementations and why NAT is the best firewall ever.