News Analyses
China’s MSS using LinkedIn against the U.S.
The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources.
Tesla insider with expired NDA spills the tech beans
A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.
Why abandoned domain names are so dangerous
Abandoned domain names are low-hanging fruit for attackers, who can use them to access sensitive email or customer data.
Traveling to China for work? Punch through the Great Firewall and securely connect with your home office
Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.
Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says
Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...
Arista Networks PICs its spot In security
After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'
What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors
Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.
What is digital trust? How CSOs can help drive business
Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.
Does Facebook even need a CSO?
Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.
video
Mingis on Tech: 3 big slices of Android Pie
The newest version of Android is rolling out for Pixel devices already and – eventually – it'll arrive on other Android phones. Computerworld's JR Raphael details what users can look forward to, and why it matters.
Horizon Air tragedy highlights airline insider threat vulnerability
The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability.
How did the TimeHop data breach happen?
Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised.
Bug bounties offer legal safe harbor. Right? Right?
Bug bounties are all the rage, but many programs do not offer legal safe harbor to good-faith security researchers who wish to report security issues. Caveat bug finder.
FCC lied about DDoS attack during net neutrality comment process, blames former CIO
FCC Chairman Ajit Pai says a DDoS attack did not take out the net neutrality comment site, and he blames the former FCC CIO for providing incorrect information.
Do you need a vulnerability disclosure program? The feds say yes
The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.
How quantum computers will destroy and (maybe) save cryptography
Quantum computers advance mean we might have only a few years before they can break all public key encryption. The day when every secret is known is near.
How pervasive is the insider threat in your company?
The Dtex 2018 Threat Report finds that 100 percent of companies have blind spots when it comes to the insider threat.
video
Tech Talk: Machine learning and AI deciphered
Breaking through the hype around machine learning and artificial intelligence, our panel of Ken Mingis, Michael Simon and Serdar Yegulalp talk through the definitions and implications of the technology.
Most Popular
BrandPosts
Learn more-
Sponsored by Fortinet
-
Sponsored by RSA SecurID® Suite
-
Sponsored by BlueCat
Sponsored Links