Attackers target OWA for domain credentials

Why spend time targeting Active Directory for domain credentials when Outlook Web Application is just as good -- and far easier to compromise?

By Fahmida Y. Rashid | 07 October, 2015 19:43

Tags: Microsoft, exchange

EMV sets the stage for a better payment future

Most merchants now have EMV credit card readers in place, yielding marginally improved security today -- and a platform for better payment systems arriving soon

GitHub adds hardware-based authentication for developers

GitHub developers will now be able to log in to the code repository using YubiKey hardware keys

Privacy group calls for a boycott of tech companies supporting CISA

An activist group is on a quixotic campaign to punish tech companies who support the controversial information-sharing bill

Why Windows 10 is the most secure Windows ever

With Device Guard and Credential Guard, Windows enjoys unprecedented protection from malware and advanced persistent threats

By Fahmida Y. Rashid | 18 September, 2015 13:00

Tags: Microsoft, Windows 10

Technology that predicts your next security fail

There's both art and science to predictive analytics in a security setting, early adopters say.

Reports of attacks on the Department of Energy raise alarms

The power grid may not be in immediate danger, but that doesn't mean the threat to critical infrastructure isn't there

Extortion or fair trade? The value of bug bounties

Vendors without bug bounty programs risk the wrath of the infosec community, but such programs must be constructed carefully to yield optimal outcomes

Three key challenges in vulnerability risk management

Vulnerability scanning provides visibility into potential land mines, but often just results in data tracked in spreadsheets and independent remediation teams scrambling in different directions. It is time to change from a “find” mentality to a “fix” mentality. Here’s how.

The unintended consequences of a RASP-focused application security strategy

RASP can help safeguard applications, but it isn’t a silver bullet

U.S. readies sanctions against China for cyber-spying

As the Obama administration prepares to impose sanctions on Chinese companies for economic cyber-espionage, experts question whether the penalties will have significant effect

By Fahmida Y. Rashid | 31 August, 2015 21:42

Tags: cyber attack

Beyond bitcoin: 7 ways to capitalize on blockchains

Bitcoin’s widely trusted ledger offers intriguing possibilities for business use beyond cryptocurrency

Google, Amazon push Flash closer to extinction

Internet users will get some respite from Flash-based attacks since Google and Amazon are stopping Flash ads from displaying

By Fahmida Y. Rashid | 28 August, 2015 20:27

Tags: Google

Who can stop malware? It starts with advertisers

Malware masquerading as advertising is a growing problem, and the ad industry must figure out how to weed out scammers from legitimate companies

Vidder's Software Defined Perimeter puts tight security around high value assets

Reducing the surface that needs to be protected to a single application, it's easier to apply very tight controls through Software Defined Perimeter techniques.

Agora Dark Web market discovers suspicious activity on servers, pauses operations

The Agora Dark Web market cited Tor Hidden Services security vulnerabilities that could allow de-anonymization attacks and temporarily shut down operations after discovering suspicious activity on its servers.

4 security metrics that matter

Today, management demands metrics to get a clearer view of security. Here are four metrics that deliver actionable insight -- and a few others with less value

Ashley Madison -- Can it possibly get any worse? (tl;dr: YES)

The Ashley Madison hack continues to make headlines. Naturally, that's because the news keeps getting worse. Worse for website owners Avid Media Group. And worse for the REAL victims, more importantly -- the people named in the hacked data dump...

By Richi Jennings | 25 August, 2015 13:51

Tags: security, cloud security

9 steps to make you completely anonymous online

The default state of Internet privacy is a travesty. But if you're willing to work hard, you can experience the next best thing to absolute Internet anonymity

MIT researchers create file system guaranteed not to lose data even if a PC crashes

MIT researchers created the first file system that is 'mathematically guaranteed' not to lose data even when a computer crashes.

Top Whitepapers

Featured Whitepapers