The FTC orders Residual Pumpkin and PlanetArt to implement MFA, encrypt Social Security numbers, collect less data, and have their information security programs assessed by a third-party. [Read More]
CrowdStrike researchers find evidence of ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter. [Read More]
Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service [Read More]
SYN Ventures is leading a $23 million Series A investment in RevealSecurity, a startup building technology to thwart malicious insider threats. [Read More]
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. [Read More]
An Israeli startup promising technology to help developers simplify security has banked an eye-opening $38.5 million in seed-stage funding. [Read More]
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Security is a creature of habit. Security likes things to stay the same. Change brings chaos. Chaos is bad for security. But, we can help control the security of our environment by following good security habits.
A new amendment to Texas' breach notice law is designed to make it easier for Texas entities to comply with Texas law by giving those entities the choice of notifying under Texas law or the law of residents of other states.
While regulations and ensuing IT audits go beyond firewalls and firewall policies, these devices are often a good place to start when it comes to becoming "audit-ready" and gaining continuous visibility of what's going on in your network.
Too many IT and risk managers are surprised by security breaches, compromised keys or operational failures that occur from sheer neglect that result when you leave your valuable keys as exposed as a password on a post-it. Hefty, potential fines for failing to comply with regulations are risk enough, but the risks of ignoring these vulnerabilities extend even further.
The vast majority of ISVs are focused on prospecting and lead generation while overlooking potential sales funnel leakage due to piracy. Any vendor that is serious about its longevity needs to know if it has a software piracy problem.