Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Mojave Networks has added a new feature to the company’s professional and enterprise services in an effort to help organizations minimize the risks posed by the mobile applications used by their employees.
Cloudera goes after Gazzang's encryption and key management capabilities.
While most organizations have patched the Heartbleed bug in their OpenSSL installations, a security expert has uncovered new vectors for exploiting the vulnerability, which can impact enterprise wireless networks, Android devices, and other connected devices.
TrueCrypt is not safe to use since it might contain unfixed security issues, warns a message apparently coming from the developers of the encryption software.
eBay said Wednesday cyberattackers broke into its database with customer passwords and other personal data in what could be one of the biggest breaches of its kind.
Hortonworks announced that it has acquired data security company XA Secure for an undisclosed sum.
SanDisk announced the availability of its first self-encrypting solid state (SSD) drive, the X300s SSD.
IBM unveiled a suite of security software and services designed to help organizations defend against advanced cyber threats and protect sensitive data.
NetSupport, a remote management tool used in some enterprises can be exploited by attackers to remotely connect to a host without needing any passwords, according to a Trustwave researcher.
Researchers from FireEye have discovered a nasty zero-day exploit that is being used in targeted attacks and bypasses the ASLR and DEP protections in Microsoft Windows.

FEATURES, INSIGHTS // Data Protection

rss icon

Michael Callahan's picture
While I’d argue the point that the chip and PIN system is better and more secure than the mag stripe, it’s not what caused these or what will prevent future malware attacks.
Torsten George's picture
While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data.
Mike Tierney's picture
The insider threat is very much a reality, and because it hides in the details, it’s one of the biggest threats businesses can encounter.
Gil Zimmermann's picture
IT managers focused on protecting technology infrastructure would do well to assess whether cloud service providers have better security systems in place than their own corporate IT resources allow.
Dr. Mike Lloyd's picture
Every security team that can fog a mirror is asking the question “what just happened at Target, and how do we make sure that doesn’t happen to us?”
Michael Callahan's picture
The threats that companies face will continue to accelerate. And while that might seem like a very obvious and not so insightful observation, the devil is in the details. Here are the trends both in the threats and how we will respond to them in 2014.
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Chris Hinkley's picture
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Gil Zimmermann's picture
As 2013 wanes, it makes sense take a few steps back and look at the state of the cloud and how it fits into the plans our customers and friends have been sharing with us. As we move through 2014, will your teams be driving new value, or responding to yesterday’s threats?
Torsten George's picture
What steps can be taken to implement and leverage incident response management as a valuable weapon for limiting material or reputational damages associated with data breaches?