Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

A Ruby software package that contained a malicious backdoor has been removed from the Ruby Gems repository after compromising over ten libraries. [Read More]
Apple, Google and Mozilla respond to Kazakhstan’s efforts to spy on its citizens by requiring them to install a root certificate on their devices. [Read More]
All Sphinx servers that are exposed to the Internet are prone to abuse by cybercriminals, as they can be accessed by anyone. [Read More]
Facebook has announced the 2019 winners of the Internet Defense Prize, an award offered in partnership with USENIX. [Read More]
Yubico announces general availability of YubiKey 5Ci, a security key that has both USB-C and Lightning connectors. [Read More]
GitHub announced that its token scanning service now also checks commits for accidentally shared Atlassian, Dropbox, Discord, Proctorio and Pulumi tokens. [Read More]
Facebook announces that its Data Abuse Bounty program now includes Instagram, and the company has invited some security researchers to test Instagram’s new Checkout feature. [Read More]
AWS has reached out to customers reportedly targeted by the Capital One hacker, but says none of them reported any significant issues. [Read More]
Researchers discovered that organizations expose many confidential documents by uploading them to malware analysis sandboxes. [Read More]
Google’s Password Checkup extension warns users if their password has been compromised, but many don’t change their password after being alerted. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Jim Ducharme's picture
If you want to succeed with FIDO, you have to be ready. Now is the time to assess your organization’s authentication needs, how they are evolving, and the dynamics of your user population.
Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
Ashley Arbuckle's picture
While we can’t turn our attention away from gathering data, we must devise new ways to deal with the onslaught of data. Humans simply can’t keep up, and the problem is getting worse.
Preston Hogue's picture
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
Justin Fier's picture
As executives, developers, security teams, and third-party vendors struggle to exert their influence on digital transformation, threat-actors are exploiting the chaos for their own gain.
Ashley Arbuckle's picture
Breach and Attack Simulation (BAS) tools aid in maintaining a fundamental level of security assurance more quickly and cost effectively than traditional approaches.
John Maddison's picture
Analyzing threat trends can provide security professionals with insights into how to better protect their organizations from the latest cyber threats.
Gunter Ollmann's picture
While cloud SIEM may be new for most organizations, its ability to harness the innate capabilities of public cloud are transforming security operations.
Jim Ducharme's picture
It’s time to address some myths about how facial recognition works, to help increase consumer comfort with biometric-authentication technology.
Laurence Pitt's picture
While security spending is on the increase, it’s up to us as experienced security practitioners to make the most of this spend with a clear ROI that can be reported to the business.