News & Commentary

Open Technology Fund will sponsor program and HackerOne will manage it

The Changing Face Of Encryption: What You Need To Know Now

Commentary | 12/30/2015 |

Encryption today is now an absolute must and the fact that it is difficult does not change the fact that you have to use it.

Users No Longer Need to Jailbreak Apple iOS To Load Rogue Apps

News | 12/29/2015 |

'DarkSideLoader' app stores can side-load apps and circumvent official app stores on any iOS device.

5 Tips For Getting The Most Out Of Your Firewall

News | 12/29/2015 |

Despite concerns over the effectiveness of perimeter technologies, firewalls remain a staple in the enterprise security arsenal.

The Fraud Tsunami Heads To The Sharing Economy

Commentary | 12/29/2015 |

When it comes to cyberfraud, online marketplaces like AirBnB can expect an uphill battle in the wake of the rollout of new chip card technology in 2016.

15 Cybersecurity Lessons We Should Have Learned From 2015, But Probably Didn't

News | 12/28/2015 |

7 comments

Another infosec year is almost in the books. What did all the breaches, vulnerabilities, trends, and controversies teach us?

Tech Gifts That Security Pros Will Probably Return

Slideshows | 12/28/2015 |

Insecure gifts that CISOs and other security pros are likely returning as we speak.

Giant Mystery Database Of US Voters Leaked

Quick Hits | 12/28/2015 |

No organization will take responsibility for the database that includes 191 million voter registration records.

The Rise Of Community-Based Information Security

Commentary | 12/28/2015 |

The more vendors, service providers, and companies’ band together to fight security threats, the more difficult it will become for attacks to succeed.

Security Vendors Report Uptick in Whaling, Phishing Scams

News | 12/23/2015 |

Expect to see an increase in attempts by cyber crooks to trick businesses and individuals to part with their money say Mimecast, Kaspersky Labs.

Survey: When Leaving Company, Most Insiders Take Data They Created

News | 12/23/2015 |

15 comments

Most employees believe they own their work, and take strategy documents or intellectual property with them as they head out the door.

A Hidden Insider Threat: Visual Hackers

Commentary | 12/23/2015 |

Ponemon experiment shows how low-tech white-hat hackers, posing as temps, captured information from exposed documents and computer screens in nearly nine out of ten attempts.

2015 Ransomware Wrap-Up

Slideshows | 12/22/2015 |

11 comments

Here's a rundown of the innovative ransomware that frightened users and earned attackers big bucks this year.

Torrenting Still A Thorn In Enterprise Networks

News | 12/22/2015 |

A quarter of enterprises still see torrenting activity and among those, 43 percent of apps contain malicious elements.

The Industrial Cyber Myth: It’s No Fantasy

Commentary | 12/22/2015 |

11 comments

As threats become more sophisticated, the industry is still playing catch-up.

9 Coolest Hacks Of 2015

News | 12/21/2015 |

12 comments

Cars, guns, gas stations, and satellites, all got '0wned' by good hackers this year in some of the most creative yet unnerving hacks.

Oracle Settles FTC Charges That It Deceived Users About Java Security Updates

Quick Hits | 12/21/2015 |

Oracle will have to be more forthright and communicate the truth via social media and anti-virus companies going forward.

Yellow Alert Sounded For Juniper Vulns, Feds Called In

News | 12/21/2015 |

SANS ISC raises infosec alert level and FBI investigates potential nation-state activity leading to backdoor vulnerabilities in Juniper ScreenOS products.

Security Tech: It’s Not What You Buy, It’s How You Deploy

Commentary | 12/21/2015 |

Good information security depends on a holistic strategy, not on an elite lineup of discretely moving parts.

10 Funny Twitter Feeds For Security Geeks

Slideshows | 12/18/2015 |

5 comments

These must-follow Twitter feeds offer plenty of cybersecurity humor to keep infosec pros giggling even when the attacks keep coming.

Juniper Discovers Unauthorized Code In Its Firewall OS

News | 12/18/2015 |

'Troubling' incident exposes code designed to decrypt VPN communication and enable remote administrative control of devices.

When RATs Become a Social Engineer’s Best Friend

Commentary | 12/18/2015 |

Hacking humans in the banking industry through rogue help desks is becoming a significant problem.

90% Of Industries, Not Just Healthcare, Have Disclosed PHI In Breaches

News | 12/17/2015 |

New Verizon PHI report finds that organizations' workers comp and wellness programs are also vulnerable repositories for personal health information.

Validating Supply Chain Cybersecurity

Partner Perspectives | 12/17/2015 |

How to identify risks, understand downstream effects, and prepare for incidents.

The InfoSec Gender Divide: Practical Advice For Empowering Women

Commentary | 12/17/2015 |

There is no one-size-fits-all approach for women to succeed in IT security. What you need is a roadmap and a little help from your friends.

Security Talent Gap Threatens Adoption Of Analytics Tools

News | 12/17/2015 |

Finding qualified personnel with the right skillsets to configure and operate analytics platforms is a big challenge today, but workforce development, training, and more intuitive technology could help.

SQL Injection, XSS Flaws Found In Network Management System Products

News | 12/16/2015 |

Patches available for two flaws, pending for four others.

An Ill ‘Wynd’ Blowing But No Safe Harbor

Commentary | 12/16/2015 |

What will state-of-the-art for cybersecurity look like in 2016? The regulatory headwinds on both sides of the Atlantic portend big changes.

The End Of Passwords?

News | 12/15/2015 |

IT professionals believe they won't exist in 10 years, but this prediction's been on tap for a decade already.

Detecting the Undetectable: Windows Registry Attacks

Partner Perspectives | 12/15/2015 |

Fileless attacks are becoming more sophisticated, requiring a team of defenses.

Macro Malware Is Back

Partner Perspectives | 12/15/2015 |

3 comments

Social engineering drives macro malware levels to six-year highs.

Investigating Mobile Banking Attacks

Partner Perspectives | 12/15/2015 |

3 comments

Poor mobile app back-end security coding puts consumer information at risk.

To Better Defend Yourself, Think Like A Hacker

Commentary | 12/15/2015 |

As attacks become more sophisticated and attackers more determined, organizations need to adopt an offensive approach to security that gets inside the head of the hacker.

The CISO's New Best Friend & New Boss

News | 12/15/2015 |

What does the rise of the chief data officer and the digital risk officer mean for the chief information security officer?

Internet Of Things Christmas Security Survival Guide

News | 12/14/2015 |

Here's how CISOs, security researchers, and all security-minded folks in between can channel their healthy paranoia into helpful ways of protecting friends and family from IoT gifts.

Twitter Says Nation-State Hackers Targeted Some Accounts

Quick Hits | 12/14/2015 |

Social media giant warns a small number of users that attackers appear to have been after their information.

Making Security Everyone’s Job, One Carrot At A Time

Commentary | 12/14/2015 |

These five user education strategies will turn employee bad behavior into bulletproof policies that protect data and systems.

Latentbot: A Ghost in the Internet

News | 12/11/2015 |

Malware’s multiple layers of obfuscation make it almost invisible FireEye says,

How ‘Digital Forensic Readiness’ Reduces Business Risk

Commentary | 12/11/2015 |

3 comments

These six real-world scenarios show how to turn reactive investigative capabilities into proactive, problem-solving successes.

FBI Tweaks Stance On Encryption BackDoors, Admits To Using 0-Day Exploits

Quick Hits | 12/10/2015 |

FBI retreats a step, but makes stand on end-to-end encryption. Meanwhile, European Union gets ready with a rougher, tougher replacement for Safe Harbor.

Spy Banker Trojan Being Hosted On Google Cloud

News | 12/10/2015 |

Spy Banker spreading through Brazil via malicious links posted on social networks.

The Lizard Squad: Cyber Weapon or Business?

Commentary | 12/10/2015 |

Even a hacker with the noblest intentions can run afoul of the law by not following six important do’s and don’ts.

Sea Craft Voyage Data Systems Vulnerable To Tampering, Spying

News | 12/9/2015 |

Remote attackers could snoop on or corrupt the systems that collect and store radar images, vessels' position and speed, and audio recorded in the ships' bridge or engine room.

The Employee Password Habits That Could Hurt Enterprises

Slideshows | 12/9/2015 |

6 comments

While education and efforts around online credentials are improving, password hygiene still has problems

‘Re-innovating’ Static Analysis: 4 Steps

Commentary | 12/9/2015 |

Before we pronounce the death of static analysis, let’s raise the bar with a modern framework that keeps pace with the complexity and size found in today’s software.

Known Security Flaw Found In More Antivirus Products

News | 12/8/2015 |

A vulnerability discovered earlier this year in AVG software also spotted in Intel McAfee, Kaspersky Lab AV products.

Retailers Inadequately Secured Against Risks From Temporary Workers

News | 12/8/2015 |

Retailers recognize temps are higher-risk, but have lower visibility into their activity.

Iranian Groups Conducting Sophisticated Surveillance On Middle Eastern Targets

News | 12/8/2015 |

Two groups have been using backdoor threats to spy on targeted individuals, Symantec says.

How CISOs Can Reframe The Conversation Around Security: 4 Steps

Commentary | 12/8/2015 |