Information Security BlogPost

Google focuses more on steering the Android ship than righting it
At RSAC 2019, speculative execution threats take a back seat
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
Will cybersecurity safety ever equal air travel safety?
Android Ecosystem Security Transparency Report is a wary first step
Google sets Android security updates rules but enforcement is unclear
Mystery around Trend Micro apps still lingers one month later
FBI, DHS blaming the victims on Remote Desktop Protocol
What the GAO Report missed about the Equifax data breach
DHS cybersecurity rhetoric offers contradictions at DEF CON
Five things to watch for at Black Hat USA this year
How Dropbox dropped the ball with anonymized data
Is the new California privacy law a domestic GDPR?
Cyber attribution: Why it won't be easy to stop the blame game
It's GDPR Day. Let the privacy regulation games begin!
Google I/O's security and privacy focus missing on day one
Cybersecurity pervasiveness subsumes all security concerns
Algorithmic discrimination: A coming storm for security?
GDPR deadline: Keep calm and GDPR on
CrowdStrike unveils Meltdown exploit in unusual fashion
FedRAMP security requirements put a premium on automation
Privacy protections are needed for government overreach, too
Apple GDPR privacy protection will float everyone's privacy boat
RSA Conference keynotes miss the point of diversity
Facebook's 2FA bug lands social media giant in hot water
Symantec's untrusted certificates: How many are still in use?
Blizzard security flaw should put game developers on notice
The strange case of the 'HP backdoor' in Lenovo switches
Intel keynote misses the mark on Meltdown and Spectre vulnerabilities
Official TLS 1.3 release date: Still waiting, and that's OK
After 2017, data breach fatigue should be a thing of the past
OWASP Top Ten: Surviving in the cyber wilderness
The CASB market is (nearly) gone but not forgotten
Uber data breach raises unsettling questions for infosec
The Equation Group malware mystery: Kaspersky offers an explanation
Is "responsible encryption" the new answer to "going dark"?
Latest Kaspersky controversy brings new questions, few answers
FBI's Freese: It's time to stop blaming hacking victims
DerbyCon cybersecurity conference is unique and troubling
Fearmongering around Apple Face ID security announcement
Project Treble is another attempt at faster Android updates
The Symantec-Google feud can't be swept under the rug
Symantec certificate authority aims for more delays on browser trust
Verizon DBIR 2017 loses international contributors
RSA Conference 2017: Are software regulations coming for developers?
Christopher Young: Don't sleep on the Mirai botnet
Five things to watch at RSA Conference 2017
How cloud file sharing is creating new headaches for security teams
Android malware delivery is harder than you might think
Patent race picks up speed in the cloud access security broker market
Windows 10 Anniversary update adds headaches for antivirus vendors
Netskope nabs another patent for CASB technology
Environment variables: Should they be considered harmful?
The healthcare industry is making it far too easy for hackers
What Symantec's acquisition of Blue Coat says about the CASB market
Sorry Mr. Snowden -- encryption isn't the only path to security
Throwing money at the cybersecurity problem?
EMM software on every device? MobileIron makes the case
Vulnerability branding becomes another marketing tool
RSA Conference 2016: An opportunity to take a stand
Morphisec plans to bring back endpoint security – with a twist
How millennials can be the saviors -- not the scourge -- of the security staffing shortage
Cybersecurity and CES 2016: A comedy of omissions
The transaction that lasts forever
Why Hillary can't mail
When is an ISAC not an ISAC?
Prevoty offers context-aware, automatic RASP
Black Hat researcher turns out the lights
Fortune 1000 companies keep their mouths closed, Willis says
McAfee report summarizes second quarter
Fun and games with content security policies
Uniqul offers facial recognition payment scheme.
Trend Micro shoots down Crisis Trojan threat to VMware
FFIEC cloud computing risks document: Where's the beef?
Federal cloud computing strategy faces challenges, GAO finds
Yahoo fixes flaw that led to password breach
AWS outage doesn't discourage Netflix from banking on the cloud
Putting the mobile botnet threat in perspective
Operation High Roller: Server-side automation in online bank fraud
Review your security contingency plan during the 2012 Olympic Games
Opinion: LinkedIn hacking incident betrays users’ trust
CSO chat: The BYOD trend, big data security and cloud
Stuxnet details should prompt call to action over cyberwarfare impact, not words
Why execs really need corporate security training
Patriot Act cloud study debunks idea that location can protect cloud data from government
Peter Kuper: VCs renewing their love affair with security companies
Cloud security issues: Provider transparency, data-centric security
Organizations lagging on cloud security training, survey shows
Windows exploits: Data finds Windows Vista infections outpace Windows XP
Virtualization security best practices in wake of ESX hypervisor code leak
Oracle trips on TNS zero-day workaround
Amazon cloud services: AWS Marketplace offers one-click cloud security
Spam filter gets better of Microsoft SDL—almost
Cloud security vendors win funding for technologies
The importance of using a full security threat definition
Cloud transparency gets boost with Azure addition to CSA STAR
IT security and business alignment: It’s time to ease off IT security leaders
Prepare now for more stringent U.S. data privacy laws
More