Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Skyfence has released a free tool designed to provide organizations visibility into cloud app usage and risks.
The IEEE (Institute of Electrical and Electronics Engineers) Center for Secure Design has published some advice to help software developers dodge common mistakes that compromise security.
Routers produced by China-based networking solutions provider Netis Systems are plagued by a security hole that can be leveraged by an attacker to gain control of the devices.
The developers of the Akeeba backup extension for Joomla have fixed a vulnerability that can be leveraged to gain access to website backups.
The National Institute of Standards and Technology (NIST) released today draft guidelines for addressing the security risks posed by the use of Secure Shell (SSH) for automated access.
Of the 1,000 most downloadable free applications, almost 70 percent had at least one SSL vulnerability, according to an analysis FireEye.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before. Register by August 22 and save $300 on a full conference pass!
NIST is requesting public comments on a guide designed to help organizations determine potential security and privacy risks posed by third-party mobile applications
The UPS Store said on Wednesday that computer systems at several of its franchised center locations had been infected with stealthy malware that went undetected by its anti-virus software and exposed customer payment data.
Researchers have discovered a flaw in the WordPress Mobile Pack plugin that can be exploited to access password-protected posts.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Scott Simkin's picture
Enterprises must tailor their security policy and protections to the actual threats they experience and to the threat landscape at large.
James McFarlin's picture
Creative disruption, where a paradigm shift in thinking replaces an existing order, may be an elusive concept but its power as a driving force of human behavior cannot be denied.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises
Travis Greene's picture
The significant breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Scott Gainey's picture
Corporate stewards are getting educated in a hurry and are gearing up to ask some very pointed questions regarding strategy for protecting company data.
Travis Greene's picture
There is pressure for IT to deliver access to information from anywhere, on any device, without security hassles. Yet complaints about security hassles cannot dictate excessive risk exposure.
Joshua Goldfarb's picture
I am often asked the question: “Is security an unsolvable problem?” In order for me to answer that question, I would have to understand it, and I don’t.