5 ways to hack blockchain in the enterprise
Experts warn of blockchain security risks in non-cryptocurrency use cases.
Hardware, software options emerge for runtime encryption
Hackers are getting better at exploiting encryption gaps that expose plain-text data. New hardware and software runtime encryption solutions aim to close those gaps.
Cloud functions present new security challenges
Cloud functions, or serverless apps, are small, fast and pop in and out of existence. So, how do you secure them?
How privacy is moving data security to the top of corporate agendas
It’s no longer privacy vs security. Regulations like GDPR and customer data breaches have joined privacy and security efforts at the hip.
Why securing containers and microservices is a challenge
Their granularity, deployment speed, and data traffic volume require new approaches to securing container environments.
Verizon report: Ransomware top malware threat of 2017, moving into critical systems
DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.
How to detect and prevent crypto mining malware
Hackers are placing crypto mining software on devices, networks, and websites at an alarming rate. These tools can help spot it before it does great…
Open source software security challenges persist
Using open source components saves developers time and companies money. In other words, it’s here to stay. Here’s a look at what it will take…
SEC’s new cybersecurity guidance falls short
Post Equifax, those who hoped that the US Securities and Exchange Commission would impose tougher rules (and consequences for breaking them) around reporting breaches will…
The global cyber war is heating up: Why businesses should be worried
From NotPetya’s global disruption to North Korea’s digital plundering of financial institutions, state-sponsored cyber attacks should be top of mind for business leaders. Here’s how…
New cryptocurrencies offer better anonymity, new security challenges
Anonymous cryptocurrencies like Monero and Zcash help cybercriminals evade detection and make cryptojacking more profitable.
Cloud security configuration errors put data at risk; new tools can help
For companies that run entirely in the cloud, the entire business can be at risk. That has some looking for help with monitoring and verifying…
Open source software security challenges persist, but the risk can be managed
Using open source components saves developers time and companies money. In other words, it’s here to stay. Here’s a look at what it will take…
Password managers grow up, target business users
Password managers began as free or low-cost apps for consumers, tracking passwords and sign-ins to websites and applications, making it possible for users to create…
What is a botnet? And why they aren’t going away anytime soon
Controlling thousands or even millions of devices gives cyber attackers the upper hand to deliver malware or conduct a DDoS attack.
How hackers crack passwords and why you can’t stop them
Password crackers have access to more stolen passwords and better password hacking software and tools than ever before.
What is the cyber kill chain? Why it’s not always the right approach to cyber attacks
As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent…
How AI can help you stay ahead of cybersecurity threats
Since the 2013 Target breach, it’s been clear that companies need to respond better to security alerts even as volumes have gone up. With this…
Unlimited DDoS protection the new norm after Cloudflare announcement
Late last month, global distributed denial of service (DDoS) protection provider Cloudflare announced that it would no longer charge customers extra when they were under…
Shadow cloud apps pose unseen risks
It happens in every company. Employees find a cool new online service that makes them more productive. They create free or low-cost accounts on devices…
The best enterprise antivirus: Kaspersky leads in latest tests
Ransomware and other threats often get through signature-based antivirus protection, giving it a bad rap. However, anti-virus tools still play an important role in the…
What is a fileless attack? How hackers invade systems without installing software
“We see it every day,” says Steven Lentz, CSO at Samsung Research America. “Something coming through, some exploit type, unknown ransomware. We’ve stopped several things…
Is universal end-to-end encrypted email possible (or even desirable)?
People expect their email to be private between them and the recipient, but in reality, the contents of your email are exposed during transmission. Full…
What’s new in ransomware?
In June, South Korean hosting company Internet Nayana, Inc., was hit by a ransomware attack that took down its 153 Linux web servers — home…
Look beyond job boards to fill cybersecurity jobs
The cybersecurity talent shortage keeps getting worse. According to Cybersecurity Ventures, the cost of cybercrime will double from $3 trillion globally in 2015 to $6…
Is your data being sold on the dark web?
Sonatype’s crown jewel is its database of descriptions of over 1.2 million open source packages. “If that is lost, it could be an existential outcome,”…
Two years after the OPM data breach: What government agencies must do now
The Office of Personnel Management breach in June 2015 was a big wake up call to our federal government, and, in its wake, a number…
With new dynamic capabilities, will whitelisting finally catch on?
Everybody knows and hates whitelisting. Employees are only allowed to install approved software on their desktops and laptops, so they’re always complaining and asking for…
Few firms will be ready for new European breach disclosure rules, fines
The new European General Data Protection Regulation goes into effect next May, but a year might not be enough for firms to get ready
APT3 hackers linked to Chinese intelligence
The APT3 hacker group has been linked to the Chinese Ministry of State Security