Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Researchers found several potentially serious flaws in a popular pricing software from Navetti. Patches are available [Read More]
Number of dark web services dropped significantly following the cyberattack on Freedom Hosting II [Read More]
The Shamoon 2.0 malware has a fully functional ransomware module, but it has not been used in attacks [Read More]
Company run by known spammers inadvertently leaked sensitive information about its operations, including 1.4 billion user records [Read More]
Cloudflare has found no evidence that the Cloudbleed bug has been exploited for malicious purposes before it was patched [Read More]
Yahoo said the forged cookie attack affected 32 million users and the company admitted that the 2014 breach was not investigated properly [Read More]
Researchers analyzed several popular Android password managers and found that they fail to properly protect user credentials [Read More]
Buggy TLS 1.3 implementation causes Blue Coat proxies to break thousands of Chromebooks and PCs in a single organization [Read More]
Google hands over Gmail end-to-end encryption app E2EMail to the community [Read More]
Recently disclosed SHA-1 collision attack has a serious effect on repositories using Apache Subversion (SVN) system [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Bill Sweeney's picture
Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.
Wade Williamson's picture
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.