Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Intercept is being criticized for sharing information which may have led to the arrest this week of National Security Agency contractor Reality Leigh Winner. [Read More]
Chinese authorities say they have uncovered a massive underground operation run by Apple employees selling computer and phone users' personal data. [Read More]
Router and switch LEDs can be used to stealthily exfiltrate sensitive data from air-gapped computers, researchers demonstrate [Read More]
A government contractor has been charged for leaking a classified NSA report on Russia election hacking to The Intercept [Read More]
Roughly 4,400 unprotected Hadoop servers expose more than 5 petabytes of data, Shodan search shows [Read More]
OneLogin shares more details on the breach suffered this week, including the method of attack and customer impact [Read More]
Department store chain Kmart informed customers that its payment systems were infected with malware - second card breach in recent years [Read More]
Identity and access management firm OneLogin suffers breach at US data center - customer information compromised [Read More]
Researcher discovers unprotected Amazon S3 bucket storing sensitive military data belonging to a US combat support and intelligence agency [Read More]
US aviation security officials stepped back from imposing a ban on carry-on computers on flights coming from Europe, which had been proposed to guard against possible bomb-laden electronics from the Islamic State group. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.