Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

The ambient light sensors found in phones, tablets and laptops can be abused to steal sensitive browser data, researchers warn [Read More]
IOActive researchers found 10 vulnerabilities affecting more than 20 models of Linksys Smart Wi-Fi routers [Read More]
Cisco has released software updates to patch high severity DoS vulnerabilities in Firepower, ASA, IOS and UCM products [Read More]
Chrome, Firefox and Opera expose their users to phishing attacks that rely on Unicode domain names [Read More]
Recently disclosed remote code execution vulnerability related to Java implementations of AMF3 affects VMware vCenter Server via BlazeDS [Read More]
Company confirms cybercriminals used malware to steal payment card data from nearly 40 Shoney’s restaurants [Read More]
Vulnerabilities in Bosch’s Drivelog Connect dongle and its mobile app allow hackers to send malicious CAN messages to a car and stop its engine [Read More]
Juniper Networks patches several high and medium severity vulnerabilities with Junos OS updates [Read More]
DARPA is seeking proposals for hardware architectures that will disarm many of today’s software attacks [Read More]
Mandatory Certificate Authority Authorization (CAA) checks will make the issuance of SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates a more secure process. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Avi Chesla's picture
At the end of the day, CISOs are finding it very challenging to be able to assess the performance of the security products in their organization’s arsenal.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Jennifer Blatnik's picture
While automation delivers many benefits to the enterprise, there are dangers to mindlessly automating every business function, especially when it comes to security.
Marie Hattar's picture
Full visibility is necessary when it comes to security, but some things should stay hidden. How do we see the whole network? What tools do we need? How do we stay compliant?
Scott Simkin's picture
Training employees to be aware of credential-based attacks and how to avoid them, as well as adopting the right prevention-based measures, can have a material impact on stopping a common and effective attack techniques.
Dan Cornell's picture
Security cannot exist in a vacuum – it must be integrated with the entirety of an organization’s strategy when it comes to securing development operations.
Ashley Arbuckle's picture
With more leading-edge IT capabilities available only in the cloud, companies that can migrate more of their applications accordingly stand to gain even greater agility, scalability, and efficiencies required for business success.
David Holmes's picture
Classic SSL interceptors are notoriously lackadaisical about certificate verification, but that doesn’t mean the only choice is not to use them or that they’re not needed.
Joshua Goldfarb's picture
Although attackers still use malicious code quite often, they have been relying less and less on it. So how do attackers manage to be so successful without using any malware at all?
Marc Solomon's picture
Companies can make their entire security infrastructure more effective by using this threat intelligence as the glue to integrate layers of point products within a defense-in-depth strategy.