Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

GAO Report Knocks SEC for Cybersecurity Failings
Attackers Less Reliant on Botnets to Launch Powerful DDoS Attacks: Akamai
Satellite Telecom Vulnerable to Hackers: Researchers
Snowden Questions Putin on Surveillance in Phone-in
Microsoft Updates Threat Modeling Tool
long dotted

NEWS & INDUSTRY UPDATES

Heartbleed Hits 1.5 Million Users of UK Parenting Website
British parenting website Mumsnet is the latest organization to have been hacked due to the "Heartbleed" bug, founder Justine Roberts revealed.
Read More..
Akamai Reissuing SSL Keys After Flaw Found in Heartbleed Mitigation
Akamai Technologies admitted some custom code it thought protected users against the Heartbleed vulnerability is flawed.
Read More..
Canadians' Tax Data Stolen in Heartbleed Breach
Personal data for as many as 900 Canadian taxpayers was stolen after being made vulnerable by the "Heartbleed" bug, officials in Ottawa said on Monday.
Read More..
Confirmed: Heartbleed Exposes Web Server's Private SSL Keys
CloudFlare was able to confirm that an attacker can retrieve a server's private SSL key by exploiting the "Heartbleed" Vulnerability.
Read More..
NSA Denies Exploiting 'Heartbleed' Vulnerability
The NSA denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
Read More..
Court Reverses Conviction of Security Researcher
An appeals court in the United States overturned the conviction of a self-described "security research" hacker for breaking into the AT&T online network to reveal a security flaw.
Read More..
Heartbleed Bug Shutters More Canadian Gov't Websites
Canada's government ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.
Read More..
Why The Heartbleed Vulnerability Matters and What To Do About It
The Heartbleed vulnerability is "catastrophic” for SSL and Internet security, Bruce Schneier, told SecurityWeek. “On the scale of 1 to 10, this is an 11,” he said. Here is what organizations need to know and what actions they should take.
Read More..
Orbit Open Ad Server Security Hole Closed
Unpatched versions of Orbit Open Ad Server are vulnerable to a potentially significant SQL injection vulnerability
Read More..
McAfee Outlines Strategy for Securing Internet of Things
Intel's McAfee security division says it is focused on securing the Internet of Things as the number of devices continues to grow.
Read More..

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Torsten George's picture
Security Threats: Risk's Often Neglected Step Child
Torsten George - Network Security
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Read full story
Mark Hatton's picture
Five Considerations for Being Proactive Without Becoming a Problem Yourself
Mark Hatton - Risk Management
Here are five things I recommend security pros keep in mind when navigating the line between tight security and keeping the organization running at peak proficiency.
Read full story
Chris Hinkley's picture
Getting a Grip on The Internet of Things
Chris Hinkley - Vulnerabilities
Whether you’re buying a smart refrigerator for your home or a printer for your company, your first step is deciding the risk involved and how to deploy the device in a secure manner while preserving the functionality you require.
Read full story
Mark Hatton's picture
Can a Couple of Inches of Snow Change the Way We View Security?
Mark Hatton - Vulnerabilities
Predictive security narrows the scope considerably and helps IT and security pros zero-in on the most likely vulnerabilities and areas most-at-risk due to the sensitive nature of the data they hold.
Read full story
Chris Hinkley's picture
Disclosure: A Case for Bug Bounties
Chris Hinkley - Vulnerabilities
Vulnerabilities are a fact of life. Independent testing may be illegal without express permission, but that doesn’t stop code pillagers from sniffing out vulnerabilities and weaknesses in your web applications.
Read full story
Torsten George's picture
Time to Rethink Vulnerability Management
Torsten George - Risk Management
Without putting vulnerabilities into the context of the risk associated with them, organizations often misalign their remediation resources.
Read full story
Mark Hatton's picture
As Security a Professional, What Will You Be Focused on in 2014?
Mark Hatton - Network Security
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Read full story
Mark Hatton's picture
Think Like an Attacker for Better Defensive Capabilities
Mark Hatton - Risk Management
The best way to anticipate a move by an adversary is to put yourself in their position and ask, what would I do in the same situation? Studying the ways in which you would attack a given situation provides a strategic advantage when planning your defense.
Read full story
Ryan Naraine's picture
Podcast: Inside Microsoft's Efforts to Fight Against Botnets
Ryan Naraine - Mobile Security
In this podcast, Richard Boscovich, assistant general counsel in the Microsoft Digital Crimes Unit, talks about the new Microsoft Cybercrime Center and the ongoing battle to stop the proliferation of botnets around the world.
Read full story
Michael Callahan's picture
Examining The Security Implications of Healthcare.gov
Michael Callahan - Privacy
There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Read full story