6 API security lessons from the Venmo breach
Cyber criminals are targeting application programming interfaces to steal sensitive data. Recent exposures and hacks at companies like Venmo, Facebook and Google present lessons to improve API security.
Category: CSO
California Consumer Privacy Act (CCPA): What you need to know to be compliant
California’s new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.
How to close SIEM visibility gaps created by legacy apps
It’s often difficult to make log files and other data from legacy applications accessible to security information and event management systems. Here are some options for improving visibility.
4 security concerns for low-code and no-code development
Low code does not mean low risk. By allowing more people in an enterprise to develop applications, low-code development creates new vulnerabilities and can hide problems from security.
6 ways malware can bypass endpoint protection
Breaches from attacks that defeat or run around endpoint protection measures are on the rise. Here’s how attackers do it.
How First Citrus Bank got rid of employee passwords
The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.
What is GPS spoofing? And how you can defend against it
The U.S. Global Positioning System, part of a network of global navigation satellite systems (GNSS), is vulnerable to attacks that could disrupt many industries. Here’s how it works and what you can do to mitigate its risk.
Google expands cloud security capabilities, including simpler configuration
New tools and services will help make it easier for enterprises to manage security with Google products as well as with Amazon and in their own private clouds and applications.
What is AI fuzzing? And why it may be the next big cybersecurity threat
Pairing artificial intelligence or machine learning with traditional fuzzing techniques creates a powerful tool to find application or system vulnerabilities — for both researchers and cyber criminals.
What is quantum cryptography? It’s no silver bullet, but could improve security
In the arms race between white and black hats, the infosec industry looks to quantum cryptography and quantum key distribution (QKD). That may be just part of the answer, however.
What is biometrics? And why collecting biometric data is risky
Biometrics has the potential to make authentication dramatically faster, easier and more secure than traditional passwords, but companies need to be careful about the biometric data they collect.
How to protect backups from ransomware
Ransomware is getting smarter, attacking backups to prevent recovery. Prevent this from happening by taking a few simple steps.
How security operations centers are adapting to the cloud era
Moving data and processes to the cloud presents challenges for enterprise SOCs. Here’s how the industry and business are finding new ways to collect, monitor and analyze cloud-based security data.
8 old technologies that still play roles in security
Newer isn’t always better, at least where cybersecurity is concerned. For some applications, these older technologies are still effective ways to protect data and systems.
Best antivirus software: 14 top tools
These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance, and usability.