News Analyses

digital network privacy - eavesdropping
smart city iot iiot buildings skyline matthew henry unsplash

asia china flag grunge stars pixabay etereuti

China’s MSS using LinkedIn against the U.S.

The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources.

CSO slideshow - Insider Security Breaches - Futuristic car technology races along a binary highway

Tesla insider with expired NDA spills the tech beans

A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.

7 safe browswer search legitimate url domains surfing the internet

Why abandoned domain names are so dangerous

Abandoned domain names are low-hanging fruit for attackers, who can use them to access sensitive email or customer data.

Globe with orbiting speech bubbles containing world flags, sitting on the edge of a laptop.

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.

bucket with holes breach security vulnerability

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

cloud security lock

Arista Networks PICs its spot In security

After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'

10 cloud security breach virtualization wireless

What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors

Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.

security trust

What is digital trust? How CSOs can help drive business

Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.

Facebook / network connections / privacy / security / breach / wide-eyed fear

Does Facebook even need a CSO?

Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.

template c100.00 06 41 13.still001
video

Mingis on Tech: 3 big slices of Android Pie

The newest version of Android is rolling out for Pixel devices already and – eventually – it'll arrive on other Android phones. Computerworld's JR Raphael details what users can look forward to, and why it matters.

q400 airliner reuters gary hershorn

Horizon Air tragedy highlights airline insider threat vulnerability

The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability.

risk assessment - safety analysis - security audit

How did the TimeHop data breach happen?

Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised.

Bug bounty program

Bug bounties offer legal safe harbor. Right? Right?

Bug bounties are all the rage, but many programs do not offer legal safe harbor to good-faith security researchers who wish to report security issues. Caveat bug finder.

ajit pai fcc

FCC lied about DDoS attack during net neutrality comment process, blames former CIO

FCC Chairman Ajit Pai says a DDoS attack did not take out the net neutrality comment site, and he blames the former FCC CIO for providing incorrect information.

cockroach bug binary2

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

quantum

How quantum computers will destroy and (maybe) save cryptography

Quantum computers advance mean we might have only a few years before they can break all public key encryption. The day when every secret is known is near.

locked door with key

How pervasive is the insider threat in your company?

The Dtex 2018 Threat Report finds that 100 percent of companies have blind spots when it comes to the insider threat.

tech talk opening.00 15 04 21.still001
video

Tech Talk: Machine learning and AI deciphered

Breaking through the hype around machine learning and artificial intelligence, our panel of Ken Mingis, Michael Simon and Serdar Yegulalp talk through the definitions and implications of the technology.

Load More