Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Certificate validation vulnerability in Apple Music for Android allows MitM attackers to intercept sensitive user data [Read More]
Honeywell has launched a new product designed to protect industrial facilities from USB-borne threats [Read More]
The International Association of Athletics Federations (IAAF) says Fancy Bear cyberspies breached its systems and accessed athlete medical records [Read More]
Schneider Electric patches several vulnerabilities in Modicon PLCs and Wonderware InTouch HMI products [Read More]
WikiLeaks publishes information and source code for framework used by CIA to make analysis of its tools and attribution more difficult [Read More]
Nearly 1.4 billion data records were compromised in 2016, according to Gemalto’s latest Breach Level Index [Read More]
Google researcher Tavis Ormandy has identified a new vulnerability in the LastPass browser extension. LastPass is working on a fix [Read More]
Russia-linked threat group known as APT29 and Cozy Bear used domain fronting to disguise Tor traffic [Read More]
Vulnerabilities found in the Chrome and Firefox extensions of the LastPass password manager allow attackers to steal passwords, execute code [Read More]
White hat hackers earned tens of thousands of dollars for finding critical vulnerabilities in GitHub Enterprise [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Bill Sweeney's picture
Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.