Security

Security | News, how-tos, features, reviews, and videos

risk assessment gauge

It's time for a new cyber risk management model

An overwhelming attack surface, voluminous vulnerabilities, sophisticated threats, and new business requirements demand a new cyber risk management model.

fbi badge gun

Ad fraud botnet 3ve shut down after infecting 1.7 million PCs

An enormous ad fraud botnet, 3ve, was shut down after 1.7 million PCs were infected to falsify 12 billion ads per day.

firewall network security lock padlock cyber security

12 top web application firewalls compared

A web application firewall (WAF) is a critical component of an enterprise security infrastructure, providing a key security layer for web-facing applications and APIs.

phishing hacker binary keyboard privacy security breach

Hacker adds malicious bitcoin-stealing code to popular JavaScript library

An NPM package with 2 million weekly downloads had malicious code injected into it. Plus, more problems arise from the Windows 10 October 2018 Update.

#slack signage

10 Slack security tools compared

Slack does a good job of protecting its own code, but you'll need help to stop malware delivered through Slack messages or to avoid exposing personal information.

clicks pageviews traffic denial of service ddos attack 100613842 orig

DDoS protection, mitigation and defense: 8 essential tips

Protecting your network from DDoS attacks starts with planning your response. Here, security experts offer their best advice for fighting back.

intro cyber attack maps

What is a cyber attack? Recent examples show disturbing trends

A cyber attack is an attack launched from one or more computers against another computer, multiple computers or networks. Here are some of the major recent cyber attacks and what we can learn from them.

amazon sign

Amazon 'technical error' exposes undisclosed number of customer names and emails

Amazon isn't saying how many customers had their names and email addresses exposed due to a data leak caused by an unexplained technical error.

blockchain in healthcare / doctor accesses one block in a chain of digital medical records

Who is responsible for IoT security in healthcare?

NIST panel debates who should own IoT security: vendors or users. The issue is especially important when it comes to protecting medical devices.

binary neural network - artificial intelligence - machine learning

Review: ImmuniWeb offers true automated penetration testing

Its machine speed allows it to scale, while the human penetration testers ensure complete accuracy.

Computerworld - Scary Tech [Slide-05] - Encryption systems with backdoors

BlackBerry's acquisition of Cylance raises eyebrows in the security community

BlackBerry's move into the endpoint security game may create public safety issues, given the company's history with encryption backdoors, experts say.

ransomware breach hackers dark web

10 things you should know about dark web websites

Catch a glimpse of what flourishes in the shadows of the internet.

certificate

Google makes good on promise to remove some Symantec PKI certificates

If you get this digital certificate error using Chrome, then Google now considers that website's Symantec PKI certificate untrustworthy.

Microsoft Windows update arrows / progress bars

How to take control of Windows 10 security update settings

It's often wise to defer Windows 10 or Server 2019 security updates to let the glitches shake out. Here are the settings needed to make that happen.

keys / locks / security

Career advice: Good enough security trumps best security

The realization that most of the world doesn’t want the best security will help you advance in your security career.

Mobile security

6 mobile security threats you should take seriously in 2019

Mobile malware? Some mobile security threats are more pressing. Every enterprise should have its eye on these issues in the coming year.

crystal ball

9 cyber security predictions for 2019

CSO staff and contributors tell what they hope or fear will happen in the infosec world for the coming year.

spearfishing trap

Russian Cozy Bear APT 29 hackers may be impersonating State Department

Russian Cozy Bear hackers may be impersonating the U.S. State Department in a large, new spear-phishing campaign, plus other cybersecurity news.

supply chain management connections - ERP - Enterprise Resource Planning

With supply chain security grabbing headlines, NIST sees new relevance for its guidance

Supply chain is sexy again, and NIST hopes that means more companies take its supply chain risk guidance seriously.

Network World: IoT Hacks [slide-05] > Car Talk > Automotive hacks

The 7 deadly sins of endpoint detection & response

Breaches often take weeks or even months to uncover, but the right strategy combined with strong endpoint detection & response (EDR) tools can make all the difference. We examine seven vital factors to consider.

Load More