20 Startups To Watch In 2015
Slideshows | 12/29/2014 | Check our list of security startups sure to start (or continue) making waves in the coming year.
JPMorgan Hack: 2FA MIA In Breached Server
Quick Hits | 12/24/2014 | Sources close to the breach investigation say a network server missing two-factor authentication let attackers make their way into JPMorgan's servers.
How PCI DSS 3.0 Can Help Stop Data Breaches
Commentary | 12/23/2014 | New Payment Card Industry security standards that took effect January 1 aim to replace checkmark mindsets with business as usual processes. Here are three examples.
The Coolest Hacks Of 2014
TSA baggage scanners, evil USB sticks, and smart homes were among the targets in some of the most creative -- and yes, scary -- hacks this year by security researchers.
CISO Holiday Bookshelf
Slideshows | 12/22/2014 | A selection of interesting security reads perfect as gifts from and to the typical CISO.
The Internet's Winter Of Discontent
Commentary | 12/19/2014 | The new great cybersecurity challenge in trying to sum up the most dangerous weaknesses in the world’s connected economy is that the hits just keep on coming.
Time To Rethink Patching Strategies
Commentary | 12/19/2014 | In 2014, the National Vulnerability Database is expected to log a record-breaking 8,000 vulnerabilities. That's 8,000 reasons to improve software quality at the outset.
SDN And Security: Start Slow, But Start
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul policies
Vawtrak: Crimeware Made-To-Order
Quick Hits | 12/18/2014 | A compartmentalized botnet with a wide selection of specialized web injects makes it easier to attack bank accounts across the globe.
2014: The Year of Privilege Vulnerabilities
Commentary | 12/16/2014 | Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of "least privilege" could limit the impact of malware and raise the bar of difficulty for attackers.
Shadow IT: Not The Risk You Think
Commentary | 12/12/2014 | Enterprise cloud services such as Box, Office 365, Salesforce, and Google Apps can make a better case for being called sanctioned than many legacy, on-premises, IT-provisioned applications.
|