Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Oracle patches several vulnerabilities, including two rated critical, in the Jolt server component of the company’s Tuxedo product [Read More]
Forever 21 investigating payment card breach, but only few details were provided by the company [Read More]
Account takeover study conducted by Google shows that phishing poses the greatest threat to users, followed by keyloggers and third-party breaches [Read More]
Hundreds of apps that use Twilio SDK or REST API include hardcoded credentials that can be used to access millions of calls and text messages [Read More]
Amazon adds five new encryption and security features to its S3 service, including one that alerts users of publicly accessible buckets [Read More]
The recently disclosed crypto flaw affecting Infineon chips takes less time to exploit than initially believed [Read More]
The United States Department of Homeland Security’s US-CERT has issued an alert to warn on cryptographic weaknesses impacting the IEEE P1735 standard. [Read More]
New York State Attorney General Eric T. Schneiderman introduced new legislation Thursday, designed to protect New Yorkers from corporate data breaches like the recent Equifax breach. [Read More]
Savitech drivers used by several companies that provide specialized audio products expose PCs to attacks by installing a new root certificate [Read More]
OpenSSL updates patch two vulnerabilities found using Google’s OSS-Fuzz open source fuzzer [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Lance Cottrell's picture
Passive Information Leakage (PIL) is one of the least known and most difficult forms of data lost to prevent, and is little understood, primarily because it cannot be addressed through conventional security practices.
Steven Grossman's picture
The challenge of data protection is not going away. Even without the ever-improving tactics of the bad guys, data sprawl has made it difficult for those just trying to do their jobs.
Jennifer Blatnik's picture
By taking what you know about security in the physical world and logically applying it to the virtual world, you can effectively protect your personal information.
Alastair Paterson's picture
What can U.S.-based companies do to prepare for the GDPR that is due to come into force in May 2018? These five steps can help.
Jennifer Blatnik's picture
Almost every industry can improve efficiencies with blockchain. But what will make blockchain a success is ultimately security.
Steven Grossman's picture
Organizations are increasingly combining UEBA technology with other data sources and analytics methods to overcome cyber risk challenges on a broader scale.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.