Information Security

Information Security news, information, and how-to advice

transporter effect

Hacking stealing password data

Two years after the OPM data breach: What government agencies must do now

Recent reports show declining grades for government agencies’ efforts to improve cybersecurity. Experts weigh in on what needs to be done.

green paper glasses with fake black paper mustache

Tested: How 4 deception tools deliver truer network security

Modern deception platforms lay traps that point attackers to fake assets that are created by the deception product. Here's what we discovered about how deception works and the unique features that deception tools from TrapX Security,...

23922465470 fe3c8b8cdf o
Update

The 15 worst data security breaches of the 21st Century

Security practitioners weigh in on the 15 worst data security breaches in recent memory.

hiding in plain sight

Mobile app developers: Make sure your back end is covered

Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and...

digital europe circuit board barbed wire barrier obstacle thinkstock

May 18th: The birthday of the DPO

The importance of the European Global Data Protection Regulation and its implications for cybersecurity in America.

black white hat

How computer security pros hack the hackers

If you want to meet a really smart hacker, talk to a cybersecurity defender. These talented professionals are working every day to make cybercrime harder and less lucrative.

Gmail Google Mail

Google uses machine learning for new security features in Gmail

Google has pushed four new security features to enterprise users on G Suite, the search giant's hosted business offering. The new protections come shortly after Citizen Lab report exposed a Russia-linked Phishing and disinformation...

alert hacking threat detected

Proposed 'hack back' law would not have stopped WannaCry

On Monday, the Financial Times published a story concerning a proposed bill form Representative Tom Graves, a Republican from Georgia's 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow...

03 bounty hunter

10 things threat hunters watch for

Pursuing cyber threats is much like conventional hunting in that it requires patience, persistence and a keen eye, and when done correctly, it can be both exhilarating and rewarding. Threat actors do everything in their power to blend...

maze lost question direction wayward

5 common ways businesses lose valuable data

David Zimmerman, CEO and Founder of LC Technology, lists five ways individual employees and IT are causing companies to lose data, and some best practices for preventing a crippling data loss.

data recovery

Few firms will be ready for new European breach disclosure rules, fines

The new European General Data Protection Regulation goes into effect next May, with onerous notification requirements and high penalties, but a year might not be enough for firms to get ready

inside hack theft

China's theft of IBM's intellectual property

Guilty plea of Xu Jiaqiang an IBM employee for theft of intellectual property and economic espioange

ryan benson

A day in the life of a threat researcher

After leaving Exabeam at the end of the workday, Ryan Benson’s mind doesn’t shut off when it comes to thinking about designing new defenses against Black Hats. See what his day looks like.

shadowy attacker hooded (public domain)

How to maintain data oversight to avoid ‘shadow data’

As more companies take a liberal approach to cloud app provisioning, they need to make sure that all apps – including vetted ones – are carefully secured, optimized and monitored. Al Sargent, senior director at OneLogin, offers the...

data protection
Infographic

GDPR requirements raise the global data protection stakes

New European Union data protection rules go into effect in 2018. Will you be ready?

tatu ylonen

Unmanaged, orphaned SSH keys remain a serious enterprise risk

There are many ways attackers can try to infiltrate an enterprise, but many times enterprises make it so easy that the attackers don’t have to try too hard. Consider the current state of orphan SSH (Secure Shell) keys and how...

crying whining baby after tantrum

WannaCry fallout -- the worst is yet to come, experts say

The massive scale of the recent WannaCry ransomware attack has exposed some significant weaknesses in global IT systems, and we're likely to see more attacks leveraging similar techniques, and doing even more damage, security experts...

3 keychain keys

Outsourcing security: Would you turn over the keys to a third party?

Years ago it would have been unthinkable to give up control to securing your most valuable assets. But for some companies the risk of handing the security keys to a third party is less than the idea of facing the daily barrage of...

Load More