Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

NIST is requesting public comments on a guide designed to help organizations determine potential security and privacy risks posed by third-party mobile applications
The UPS Store said on Wednesday that computer systems at several of its franchised center locations had been infected with stealthy malware that went undetected by its anti-virus software and exposed customer payment data.
Researchers have discovered a flaw in the WordPress Mobile Pack plugin that can be exploited to access password-protected posts.
Chinese hackers reportedly exploited the infamous “Heartbleed” vulnerability in OpenSSL to compromise Community Health Systems and steal patient data.
The Linux Foundation has added a two-factor authentication (2FA) mechanism to the source code repositories housing the Linux kernel in an effort to improve access security for developers.
Oberthur Technologies announced that it would acquire NagraID Security SA for an undisclosed sum.
Facebook has fixed a vulnerability that could have been leveraged to amplify distributed denial-of-service (DDoS) attacks by using the company's own datacenters.
Community Health Systems, Inc., one of the largest hospital operators in the United States, said hackers managed to steal the records of 4.5 million patients.
Israeli cybersecurity startup GuardiCore, announced on Monday that it has closed an $11 million round of funding led by Battery Ventures.
Pretty Good Privacy (PGP), the popular email privacy and authentication software is fundamentally broken and it's time for it to "die," says Matthew Green, a well known cryptographer and research professor at Johns Hopkins University.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Travis Greene's picture
The significant breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Scott Gainey's picture
Corporate stewards are getting educated in a hurry and are gearing up to ask some very pointed questions regarding strategy for protecting company data.
Travis Greene's picture
There is pressure for IT to deliver access to information from anywhere, on any device, without security hassles. Yet complaints about security hassles cannot dictate excessive risk exposure.
Joshua Goldfarb's picture
I am often asked the question: “Is security an unsolvable problem?” In order for me to answer that question, I would have to understand it, and I don’t.
Danelle Au's picture
Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.
Pat Calhoun's picture
The need for extreme network protection may be the driving force behind your decision to invest in a next-generation firewall (NGFW), but your enterprise also has other factors to consider.
Mark Hatton's picture
You need to identify your security shortcomings before someone else does. Simulate attacks and tests to associate known vulnerabilities, previous attack patterns, and security/network data to identify potential attack paths to your company’s most important data.