Satellite Communications Wide Open To Hackers
Satellite terminals widely used in transportation, military, and industrial plants contain backdoors, hardcoded credentials, weak encryption algorithms, and other design flaws, a new report says.
The Real Wakeup Call From Heartbleed
There's nothing special about Heartbleed. Itís another flaw in a popular library that exposed a lot of servers to attack. The danger lies in the way software libraries are built and whether they can be trusted.
White House Details Zero-Day Bug Policy
NSA denies prior knowledge of the Heartbleed vulnerability, but the White House reserves the right to withhold zero-day exploit information in some cases involving security or law enforcement.
Active Directory Is Dead: 3 Reasons
These days, Active Directory smells gangrenous to innovative companies born in the cloud and connecting customers, employees, and partners across devices at light speed.
Akamai Withdraws Proposed Heartbleed Patch
As researchers demonstrate OpenSSL bug exploits that retrieve private keys, Akamai rescinds a patch suggestion for the SSL/TLS library after a security researcher punches holes in it.
Flash Poll: Broken Heartbeat
What steps do you plan to take in response to the Heartbleed bug? Take our poll and share your reasons in the comments.
Heartbleed: Examining The Impact
With Heartbleed, thereís little hope of knowing if an asset was breached, if a breach can be identified, or what, if any, data was leaked. Hereís how to defend against future attacks.
CIO Vs. CSO: Allies Or Enemies?
In the wake of the Target breach it's clear that the CIO and CSO must have clear boundaries of responsibility and equal representation in the board room.
Whatís Worse: Credit Card Or Identity Theft?
When it comes to data loss, itís time for the conversation to shift from credit cards to personal information like Social Security numbers, home addresses, and your favorite flavor of ice cream.
One Year Later: The APT1 Report
One of the most positive impacts of APT1 is the undeniable rise in the stature of the threat intelligence industry. "Threat Intelligence" is the SIEM, the NAC of 2014.
Operation Stop the Exfiltration
Determined cybercriminals and cyberspies will find their way to the data they want, but there are ways to trip them up as they try to make their way out.
Social Engineering Grows Up
Fifth annual DEF CON Social Engineering Capture the Flag Contest kicks off today with new "tag team" rules to reflect realities of the threat.
If Mother Nature Were A CISO
There are many defensive patterns in nature that also apply to information security. Here's how to defeat your predators in the high-stakes game of corporate survival and resiliency.
We Are the Perimeter
End users, not technology, define the boundaries of the enterprise. Security strategies must protect this new perimeter.
Be Careful Beating Up Target
Target was actually better prepared than most retailers. The real problem lies with the current state of industry threat intelligence and IR practices.