Latest articles for CSO magazine

InfoSec pros spend most time, money on self-inflicted problems

InfoSec pros spend most time, money on self-inflicted problems

According to a new survey of Black Hat attendees released last week, InfoSec professionals are spending the biggest amount of their time and budgets on…

How to surf the Dark Web for fun and profit

Life is tough if you’re a criminal.Sure, one big score can set you up for life. If you’re smart and disciplined, you can retire early.…

Data explosion offers challenges, opportunities to security pros

Data explosion offers challenges, opportunities to security pros

230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories.…

Regulators seek to limit security software exports

Regulators seek to limit security software exports

The comment period on a proposed set of software export restrictions ends next Monday, and the rules, as written, would severely restrict international sales, deployment,…

Electronic Frontier Foundation celebrates 25 years of defending online privacy

Electronic Frontier Foundation celebrates 25 years of defending online privacy

The Electronic Frontier Foundation is the digital world’s top watchdog when it comes to privacy and free expression. But while cops and firefighters are often…

Report: Malvertisers now using SSL redirects

Report: Malvertisers now using SSL redirects

Advertising networks have gotten better at spotting malicious downloads embedded into advertisements, so criminals began using redirects, even chains of a dozen redirects or more,…

‘Butterfly’ group goes after corporate IP

‘Butterfly’ group goes after corporate IP

Symantec has identified a group of cybercriminals, whom they’ve named “Butterfly,” as targeting corporate intellectual property for financial gains, with Twitter, Facebook, Apple and Microsoft…

Malvertising reaches record levels in June

Malvertising reaches record levels in June

Malvertising campaigns have reached more users than ever before, reported security firm Invincea yesterday, with many brand-name websites affected — including CBS Sports, Yahoo and…

Top global security experts defend encryption

Top global security experts defend encryption

As government officials continue to plea the case against strong encryption, a group of high-profile international security experts have published a paper arguing that allowing…

Despite warnings, majority of firms still run some Windows Server 2003

Despite warnings, majority of firms still run some Windows Server 2003

Enterprises are still heavily dependent on Windows Server 2003 even though there were plenty of warnings that support is coming to an end on July…

IEEE group recommends random MAC addresses for Wi-Fi security

IEEE group recommends random MAC addresses for Wi-Fi security

According to new recommendations by an IEEE study group, the Wi-Fi protocol needs to be updated to use randomly generated addresses for better security and…

Scammers bypass Google filters with PDF cloaking

Scammers bypass Google filters with PDF cloaking

Scammers have long used cloaking as a technique to drive up search engine rankings, stuffing webpages full of keywords and links that make them attractive…

Report: Every company is compromised, but most infections not yet at critical stage

Report: Every company is compromised, but most infections not yet at critical stage

In a recent analysis of a quarter million endpoint devices in 40 enterprises, every single corporate network showed evidence of a targeted intrusion but most…

Agencies need to pay more attention to supply chain security

Agencies need to pay more attention to supply chain security

Government agencies seeking the lowest bidders typically overlook cybersecurity when awarding contracts, and data breaches are the result, says a security rating expert.According to a…

Who’s winning the mobile payments war?

Who’s winning the mobile payments war?

Mobile payments — using your phone instead of a credit card to make purchases at retail locations — has not taken off. Yet.To read this…

5 non-traditional hiring tips for InfoSec

There’s a dramatic shortage of qualified information security professionals in the industry today. Globally, we’re a million people short, according to Cisco’s 2014 Annual Security…

Tools catch security holes in open source code

This year has been the best of times and the worst of times for open source code and security. On the one hand, the latest…

10 tips to attract women to infosec jobs

10 tips to attract women to infosec jobs

Women make up ┬ájust 11 percent of information security professionals. ┬áJust increasing that number to 22 percent would solve the industry’s staffing shortage problem. Unfortunately,…

How to get creative with your penetration testing

How to get creative with your penetration testing

  While there are plenty of standardized methods for penetration testing that we’re all familiar with, the bad guys aren’t sticking to traditional methods for…

You Need to Get Creative With Pen Testing. Here’s How to Do It.

You Need to Get Creative With Pen Testing. Here’s How to Do It.

Security professionals have long been running penetration tests against their firewalls and other security systems to find weaknesses that need to be addressed. The Common…

Forgotten risks hide in legacy systems

Forgotten risks hide in legacy systems

Cover story These days, there’s no shortage of new business technologies and new threat vectors to the enterprise. But what many companies forget is that…

Info sec industry still struggles to attract women

Even as women have made dramatic advances in medicine, law, and other fields, the proportion of women pursuing undergraduate degrees in the computer sciences has…

10 reasons to take a Chromebook on the road

If you’re trying to decide which device to buy for your next trip because your current laptop is too old, too slow, too heavy and…

SaaS vendors, customers, finding new ways to secure the cloud

SaaS vendors, customers, finding new ways to secure the cloud

Rogue employees, hackers, government employees all threats to keeping information stored on the cloud private Edward Snowden’s leaks about NSA spying may have brought the…

Bitcoin: Seven reasons to be wary

Of all the virtual currencies out there, BitCoin is the most interesting from a technical perspective – and the least interesting from the business point…

How to Survive a Cloud Outage

Amazon’s infamous cloud outage in April brought down a number of popular Web sites, including foursquare and Reddit – but many of Amazon’s enterprise cloud…

Five iPad Safety Tips

Five iPad Safety Tips

1. Encrypt, encrypt, encrypt. There are two parts to the data encryption challenge – encrypting stored data, and encrypting data that’s moving over public networks,…