News Analyses

asia china flag grunge stars pixabay etereuti

The Trusted and Valued Insider (Threat)By Christopher Burgess

China’s MSS using LinkedIn against the U.S.

The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources.

CSO slideshow - Insider Security Breaches - Futuristic car technology races along a binary highway

The Trusted and Valued Insider (Threat)By Christopher Burgess

Tesla insider with expired NDA spills the tech beans

A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms.

7 safe browswer search legitimate url domains surfing the internet

Don't abandon that domain name

Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.

Globe with orbiting speech bubbles containing world flags, sitting on the edge of a laptop.

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.

bucket with holes breach security vulnerability

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

Security IntelligenceBy Zeus Kerravala

Arista Networks PICs its spot In security

After establishing itself as an innovative network vendor, Arista has moved into the security market, addressing the challenges of 'places in cloud.'

10 cloud security breach virtualization wireless

What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors

Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.

What is digital trust? How CSOs can help drive business

Chief security officers should play a key role in building trust with customers, and that translates to better customer acquisition, greater customer loyalty, and more revenue.

Facebook / network connections / privacy / security / breach / wide-eyed fear

Does Facebook even need a CSO?

Maybe not, says Twitter’s former CISO, but there are risks with Facebook's move from a centralized to a distributed security model in the wake of Alex Stamos's departure.

video

Mingis on Tech: 3 big slices of Android Pie

The newest version of Android is rolling out for Pixel devices already and – eventually – it'll arrive on other Android phones. Computerworld's JR Raphael details what users can look forward to, and why it matters.

The Trusted and Valued Insider (Threat)By Christopher Burgess

Horizon Air tragedy highlights airline insider threat vulnerability

The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability.

risk assessment - safety analysis - security audit

The Trusted and Valued Insider (Threat)By Christopher Burgess

How did the TimeHop data breach happen?

Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised.

Bug bounties offer legal safe harbor. Right? Right?

Bug bounties are all the rage, but many programs do not offer legal safe harbor to good-faith security researchers who wish to report security issues. Caveat bug finder.

Privacy and Security FanaticBy Ms. Smith

FCC lied about DDoS attack during net neutrality comment process, blames former CIO

FCC Chairman Ajit Pai says a DDoS attack did not take out the net neutrality comment site, and he blames the former FCC CIO for providing incorrect information.

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

How quantum computers will destroy and (maybe) save cryptography

Quantum computers advance mean we might have only a few years before they can break all public key encryption. The day when every secret is known is near.

The Trusted and Valued Insider (Threat)By Christopher Burgess

How pervasive is the insider threat in your company?

The Dtex 2018 Threat Report finds that 100 percent of companies have blind spots when it comes to the insider threat.

video

Tech Talk: Machine learning and AI deciphered

Breaking through the hype around machine learning and artificial intelligence, our panel of Ken Mingis, Michael Simon and Serdar Yegulalp talk through the definitions and implications of the technology.

Load More

Popular Resources

eBook
Sponsored

Ransomware Reboot eBook
White Paper

Forbes: The Challenges of Tomorrow’s CIO
White Paper

Defend Your Devices, Data, and Documents
White Paper

Best Practices for Implementing Security Awareness Training
Research/Infographic
Sponsored

Houston SD-WAN CIO Summit 2018: How to Build Your Road Map to the Cloud

See All

Most Popular

BrandPosts

Learn more

Sponsored by Fortinet

Addressing the Modern Threat Landscape with Threat Intelligence Services
Sponsored by RSA SecurID® Suite

3 Ways to Get Mobile Biometric Authentication Up and Running Fast
Sponsored by BlueCat

Malicious Tactics Have Evolved: Your DNS Needs to, Too

Sponsored Links