Security Leadership

Security Leadership news, information, and how-to advice

standing out
darts bullseye

os x yosemite spotlight

Apple's Yosemite OS shares Spotlight search terms by default

An engineer who's studied the new OS criticized its privacy settings

dropbox phishing

Dropbox used for Phishing expedition

Symantec says they've recently uncovered a Phishing scam targeting Dropbox users, where many of the elements needed to complete the scam are being hosted on Dropbox directly. Such a move helps lower resistance and bypass some network...

stem students

The Paradox of STEM Training

Recent statistics seem to point to an overabundance of STEM graduates, and yet there is negative unemployment in some tech careers. Why the discrepancy between supply and demand?

poodle at play

Dreaded SSLv3 bug no monster, only a POODLE

On Tuesday, Google's Bodo Möller, along with fellow researchers Thai Duong and Krzysztof Kotowicz, disclosed the existence of a vulnerability in SSLv3, which allows the plaintext of secure connections to be calculated by an attacker...

Cisco advises users to lock down WebEx to prevent snooping

A security researcher found potentially sensitive meetings open for anyone to join

symantec logo

Analysts react to Symantec split announcement

On Thursday, Symantec said that it would separate into two business units; one that focuses entirely on security, while the other sticks to information management. Symantec's announcement follows similar ones from Hewlett-Packard and...

Microsoft's Nadella backtracks after comments on women pay lead to protests

Satya Nadella later said he had been "inarticulate"

Do we need to make SSL free to boost Internet security?

As concerns grow for ways to protect information on the Internet, maybe the best choice is to include security in part of the package - no extra charge.

students

Microsoft and other firms take pledge to protect student privacy

Fourteen companies have promised not to sell student data or use it for advertising

What did you expect to happen when you bought the electronic lock?

In a case where physical and cyber security merge, some think the judge in the case got it wrong. Here’s why the decision was right and what it means for you.

we are hiring sign 155397417

States worry about ability to hire IT security pros

The biggest challenges are money -- and not enough people in the pool.

milennial dude

Young adults clueless on cybersecurity profession

The cybersecurity profession and its role in keeping the Internet safe is lost among young adults, who are therefore less likely to pursue a career in the field, a survey shows.

data breach thinkstock

Survey shows the cost of security breaches is on the rise

The PWC/CSO Global State of Information Security Survey reveals detected breaches and associated costs are up. Budgets? Not so much.

derbycon logo

Salted Hash: Live from DerbyCon (Update 2)

Salted Hash is on the road this weekend, taking in the sights and sounds of DerbyCon 4.0. This is the second update form the show, with additional bits of information on Shellshock, the vulnerability that's become all the rage here in...

derbycon logo

Salted Hash: Live from DerbyCon (Update 1)

Salted Hash is on the road this weekend, taking in the sights and sounds of DerbyCon 4.0. With dozens of talks over the next three days, more than a thousand people are expected to attend one of the fastest growing conferences in the...

Three steps you need to take to avoid overreacting to the bash bug

The steps necessary to be effective in the wake of the frenzy with an executive plan of action that explains and brings others into the response while protecting the business.

healthcare.gov

HealthCare.gov still struggling with security

The Inspector General (IG) of the Health and Human Services Department has released a report detailing the state of security on HealthCare.gov and the results of vulnerability scans performed in April and May of this year. The...

Binary wireless traffic stream speeding down the street.

Recently introduced TLDs create new opportunities for criminals

Top-level domains are supposed to be a way to focus the Internet. In reality, they've become a boon for registrars, who use them as an up sell and a goldmine for criminals who use them to bypass defenses.

Load More