News Analyses

13 communicate security strategy threat education

Finally, a meaningful congressional report on stemming cybersecurity attacks

security trust

What is digital trust? How CSOs can help drive business

certificate

Google makes good on promise to remove some Symantec PKI certificates

If you get this digital certificate error using Chrome, then Google now considers that website's Symantec PKI certificate untrustworthy.

group of hackers in digital environment

Cylance researchers discover powerful new nation-state APT

A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

deepfakes fake news unreal doctored malicious personal attack video audio

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous

White House promotion of an allegedly doctored press conference video shows how "shallow fakes" can manipulate opinion.

hovering drone / camera / propellor blades

Critical authentication flaw in DJI drone web app fixed

Check Point researcher finds vulnerability that could have allowed attackers to spy on drone fleets in real time.

stateofcybercrimethumb

State of cybercrime 2018: Security spending up, but so are the risks

IT and security management use more technology to defend against sophisticated hacker attacks, but still lag on security training.

thumbnail
video

Mingis on Tech: All about the iPhone XR, new iPad Pros and the MacBook Air

In just a few days, Apple's eagerly-awaited iPhone XR finally arrived and the company rolled out new tablets, laptops and even a Mac mini. Here's what matters.

hunting and monitoring security threats

Burned malware returns, says Cylance report: Is Hacking Team responsible?

Burning malware forces attackers to evolve, not go away. Network defenders take note.

digital network privacy - eavesdropping

Are mixnets the answer to anonymous communications?

Combined with strong encryption such as the Signal protocol, modern mixnets could achieve the Holy Grail: metadata-resistant secure communications.

smart city iot iiot buildings skyline matthew henry unsplash

Hacking smart buildings

Smart buildings are giant IoT devices begging to get hacked. A new report offers concrete advice on how to mitigate the risk to building automation and control systems (BACS).

asia china flag grunge stars pixabay etereuti
The Trusted and Valued Insider (Threat)By

China’s MSS using LinkedIn against the U.S.

The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources.

CSO slideshow - Insider Security Breaches - Futuristic car technology races along a binary highway
The Trusted and Valued Insider (Threat)By

Tesla insider with expired NDA spills the tech beans

A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.

7 safe browswer search legitimate url domains surfing the internet

Why abandoned domain names are so dangerous

Abandoned domain names are low-hanging fruit for attackers, who can use them to access sensitive email or customer data.

Globe with orbiting speech bubbles containing world flags, sitting on the edge of a laptop.

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.

bucket with holes breach security vulnerability

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

cloud security lock
Security IntelligenceBy

Arista Networks PICs its spot In security

After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'

10 cloud security breach virtualization wireless

What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors

Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.

Facebook / network connections / privacy / security / breach / wide-eyed fear

Does Facebook even need a CSO?

Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.

template c100.00 06 41 13.still001
video

Mingis on Tech: 3 big slices of Android Pie

The newest version of Android is rolling out for Pixel devices already and – eventually – it'll arrive on other Android phones. Computerworld's JR Raphael details what users can look forward to, and why it matters.

Load More