Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Fortinet agreed a deal worth $545,000 to settle a whistleblower lawsuit that alleged that Fortinet had supplied mislabeled goods manufactured by countries including China, falsely representing the goods were in compliance with the U.S Trade Agreements Act (TAA). [Read More]
One of Idaho’s largest insurance companies, Blue Cross of Idaho, said someone hacked its website and obtained access to the personal information of about 5,600 customers, including their names, claim payment information and codes indicating medical procedures they may have undergone. [Read More]
FireEye releases an open source tool designed to automate the analysis of Adobe Flash files to identify malware and prevent infections. [Read More]
Hackers breached Microsoft email services (Outlook.com, Hotmail, MSN) and accessed user accounts after compromising a support agent’s credentials. [Read More]
A new type of DDoS attack that abuses the HTML5 Ping-based hyperlink auditing feature has been detected following a major attack emanating from primarily Chinese-speaking mobile users of the QQBrowser. [Read More]
A security configuration framework for Windows 10 unveiled by Microsoft this week defines five different levels of discrete prescriptive security configurations. [Read More]
Matrix.org, an open source project for secure and decentralized communications, had its systems hacked and its website defaced. The hacker then revealed the security issues he found. [Read More]
Patches released by VMware for its ESXi, Workstation and Fusion products address DoS and information disclosure vulnerabilities related to graphics components. [Read More]
Google this week announced a series of tools meant to increase the overall security of Google Cloud and improve customer trust in the service. [Read More]
Russian lawmakers approve a bill that would allow Moscow to cut the country's internet traffic from foreign servers, in a key second reading paving the way for legislation that activists fear is a step towards online isolation. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Ashley Arbuckle's picture
As organizations digitize their business and make these shifts, they need to know what and who they can trust.
John Maddison's picture
While maintaining consistent network visibility and control is table stakes for any security strategy, they are becoming increasingly difficult to maintain.
Torsten George's picture
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Ashley Arbuckle's picture
Through market consolidation, organizations can derive exponentially more value from their security tools.
John Maddison's picture
While many organizations are struggling to secure their diverse, complex, and rapidly expanding networks, they are now facing a new challenge created by convergence.
Laurence Pitt's picture
As we continue to increase our dependency on communications networks and technologies to move tremendous amounts of data, we open up greater potential for serious disaster should they be compromised.
Erin O’Malley's picture
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.