Network Security

Network Security news, information, and how-to advice

LaCie compromised for over a year

I guess there is truth in the saying that the devil is in the details. If anyone ever tries to tell you that their product or service is 100% secure you have my permission to smack them with a large fish (not an actual permission).


heartbleed 1200x700

Here are the options with Heartbleed-flawed networking gear (Hint: there aren't many)

Companies faced with the threat posed by networking equipment that contains the notorious Heartbleed bug have few security options beyond working closely with affected vendors.

How you need to respond to Heartbleed, and how you can explain it to others

With the flood of information surfacing about Heartbleed, it is important to distill to the immediate steps to take to protect our organizations and those we serve. This article covers the five actions for organizations, three for...

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

heartbleed

Heartbleed (CVE-2014-0160): An overview of the problem and the resources needed to fix it

After only a few days, the Internet is buzzing with news surrounding CVE-2014-0160, better known as the Heartbleed vulnerability. CSO has compiled the following in order to offer a single source to help administrators and security...

How to defend against the OpenSSL Heartbleed flaw

Vulnerability allows attackers to read a Web server's memory

Symantec to CISOs: Watch for the 'mega-breach'

Company releases 2013 Internet Security Threat Report, warning organizations that phishing and watering hole attacks can bury them

heartbleed bug

Vendors and administrators scramble to patch OpenSSL vulnerability

Since news of the OpenSSL bug started to spread on Monday, administrators and vendors have made a mad scramble to patch the Heartbleed bug, named for the flawed implementation of the heartbeat option in the cryptographic library.

Cloud Computing eGuide

In this eGuide, CIO, Computerworld, and InfoWorld offer advice, tips, news, and predictions regarding cloud implementations in the coming year and beyond. Read on to learn how to make cloud work for your organization.

Tools

How MDM works – or doesn't work – for SMBs

Not every company is big enough to implement traditional MDM solutions, but the smaller ones are still trying to find ways to manage their corporate data

Scales of Justice

Banks dismiss claims against Trustwave and Target

Trustmark National Bank and Green Bank, N.A. have dropped their claims against Target and Trustwave, ending the proposed class action lawsuit that first made headlines last week.

Understanding incident response: 5 tips to make IR work for you

Incident response is a plan that evolves over time to keep your organization best prepared against likely threats. CSO talked to industry experts at Black Hat about the ups and downs of IR, and how to develop a plan that's right for...

Trustwave plans to fight "baseless allegations" over Target breach

In a statement issued on Saturday, Trustwave's CEO, Robert J. McCullen, says that the recent lawsuit against his company are without merit and baseless.

Why Projects Fail

CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.

Patch management flubs facilitate cybercrime

Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary's annual Global Threat Intelligence Report out today, saying it sees botnet attacks as the...

Blue bank vault

Banks' suit in Target breach a 'wake up call' for companies hiring PCI auditors

Two banks have filed a lawsuit against Target and Trustwave Holdings, the retailer's security assessor

Cybercrime trends point to greater sophistication, stealthier malware, more encryption

RAND Corp. report outlines evolution of cybercrime and emergence of more complex and evasive tools

After refusing to pay ransom, Basecamp hit with DDoS

Basecamp, a project management application, is the latest victim of an extortion scheme that promises DDoS attacks unless a ransom is paid. The service was down for several hours on Monday as attackers slammed the network with...

Why Projects Fail

CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.

A follow-up on the California DMV breach blamed on Elavon

Over the weekend the Hash reported on a story published by Brian Krebs, and continued to chase open threads, resulting in new information. Here's a re-cap of the story, including additional commentary in order to address a reader's...

Security analysts evolving from security administrators

There seems to be a global evolution in security talent worldwide - partly from want and partly from need. The technology, talent and techniques once necessary to support a sound security posture are changing as threats and business...

California DMV said to be source of recent data breach

Update: In a statement to the Hash, the California DMV said that the problem originated with the firm that does their credit card processing. Journalist Brian Krebs broke the story. Sources within MasterCard shared an alert issued...

Mt. Gox finds $116m worth of bitcoins

The exchange filed for bankruptcy protection stating that 850,000 bitcoins had disappeared

Load More