Security Experts:

Security Infrastructure
long dotted


BitLocker, the disk encryption solution implemented in the Windows operating system starting with Windows Vista, does not require sophisticated tools or tactics to be bypassed on systems that do not have the latest patches from Microsoft installed, security researcher Ian Haken claims.
Attacks designed to compromise users and steal sensitive data are increasing in magnitude and velocity as cybercriminals leverage automated tools to attack at scale.
Docker unveiled new security enhancements including hardware signing of container images, content auditing through image scanning and vulnerability detection and granular access control policies with user namespaces.
Most Windows-based network devices that hold sufficiently privileged credentials to enable attackers compromise other machines and accounts have been found to be susceptible to compromise.
Microsoft has put new data centers in Germany under the control of Deutsche Telekom, the companies said, in a move that will keep privacy-sensitive Germans' customer data in the country.
Tenable Network Security, makers of vulnerability scanners and software solutions that helps find network security gaps has raised $250 million in a massive Series B funding round.
Microsoft has signed an agreement to acquire privately-held Israeli data protection firm Secure Islands for an undisclosed sum.
Geneva-based encrypted email service ProtonMail has been offline for most of the past two days after being targeted by what the company is calling an “extremely powerful DDoS attack.”
DDoS attacks from Linux-based botnets accounted for 45.6 percent of the total DDoS attacks in Q3 2015, with most notable being the XOR DDoS botnet,
San Diego-based based iboss Cybersecurity announced on Tuesday that it has raised $35 million in a Series A funding round from investment giant Goldman Sachs.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Alastair Paterson's picture
Cyber Threat Intelligence (CTI) is critical for organizations that want to gain a comprehensive, tailored and relevant view of the potential threats and types of attackers that could be targeting them.
Marc Solomon's picture
The Internet of Everything is transforming our world and creating more opportunities for attackers as modern networks and their components constantly evolve and spawn new attack vectors.
David Holmes's picture
Ron Rivest, the inventor of RC4, has improved the RC4 algorithm by adding a third index variable k and moving i through the array more quickly. This new, improved RC4 is called Spritz.
Wade Williamson's picture
It has become very clear that intrusion detection and intrusion prevention are not simply deployment options of the same technology. They are in fact separate disciplines with unique requirements, goals and roles in the security stack.
Marc Solomon's picture
To ensure you understand and can address the main security challenges cloud apps can introduce to your organization, you need additional visibility and context.
David Holmes's picture
Perhaps the uptick in the adoption of HSTS among the world’s busiest sites foreshadows a broader adoption of this handy security technique.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Alan Cohen's picture
While IT security’s role has been a separate party to manage risk and compliance, does starting security oversight outside the continuous delivery process increase risk or lower it?
Marc Solomon's picture
Retailers must adopt a threat-centric approach to security with protection along the full attack continuum – before, during, and after an attack.
Scott Simkin's picture
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.