Content posted in December 2017
Retail Security Threat Season is in Full Swing
Simon Marshall  
12/29/2017   8 comments
Christmas shopping season is over, but shopping -- and threats to retailers and their customers -- is still going strong.
Nasties Abound: Symantec's Q3 Threat Report
Larry Loeb  
12/27/2017   14 comments
Symantec's Threat Report from the 2017 Q3 shows that malware writers are busier than ever.
Cloud Security Is a Shared Responsibility
Curt Franklin  
12/26/2017   4 comments
In the answer to a question from a recent webinar, editor Curtis Franklin looks at who's responsible for data security in the cloud.
The Hard Work of Pointing Fingers
Larry Loeb  
12/21/2017   13 comments
Pointing the finger at a perpetrator is difficult. Pointing it at the right perpetrator is even harder. That doesn't stop many organizations from trying.
IoT Security Is a Matter of Life & Death
Simon Marshall  
12/20/2017   16 comments
When the IoT enters the hospital room, its security becomes a matter of literal life and death.
Breach Reveals Data on All US Households
Curt Franklin  
12/20/2017   5 comments
Information on every US household has now been stolen. What does that mean for IT security?
Dirty Practices Make for Difficult Security
Simon Marshall  
12/19/2017   1 comment
Data hygiene is low on the priority list for most IT users, and IT security departments end up cleaning up the mess.
Picker Mentality Supercharges Malware
Larry Loeb  
12/18/2017   3 comments
The picker mentality, reusing code and techniques that have worked before, is making malware stronger and more difficult to defend against.
Security for the Broken Business
Curt Franklin  
12/18/2017   7 comments
What is the IT security's responsibility when the business itself is intrinsically secure? The first step may be to point out the obvious.
Office 365 Flaw Could Lead to 'Stealthy Admin' Headaches
Simon Marshall  
12/15/2017   1 comment
A recently discovered flaw in Microsoft's Office 365 suite could meant that a business's so-called "stealthy admins" could compromise security without even realizing it.
Russian DNS Gobbling Up Internet Traffic
Larry Loeb  
12/15/2017   Post a comment
BGPMON researchers have found that Russian DNS servers redirected Internet traffic through Russia several times earlier this month. The question is whether it's a test or a harbinger of things to come.
Kaspersky Names WannaCry 'Vulnerability of the Year'
Simon Marshall  
12/12/2017   Post a comment
Of all the breaches, malware and ransomware that security researchers saw this year, WannaCry had the greatest effect, according to Kaspersky Labs.
enSilo Researchers: Your NTFS Transactions Belong to Us
Larry Loeb  
12/11/2017   6 comments
A pair of researchers from enSilo have disclosed how they created a new vulnerability within Windows-based systems that can compromise NTFS transactions, and the worst part is that security vendors are not prepared.
Startup Attivo Advocates for 'Deceptive' Security Protection
Simon Marshall  
12/8/2017   5 comments
When it comes to security, how deceptive should enterprises be to thwart cybercriminals? Attivo Networks and a number of other security startups are advocating a different approach.
Equifax Breach Points to Similar Security Concerns – Report
Simon Marshall  
12/7/2017   2 comments
The Equifax breach earlier this year exposed more than 140 million personal records, shocking many people. However, a new Fortinet report shows that the vulnerabilities used in that attack are becoming more common.
Crypto Wars: The Show That Never Ends
Larry Loeb  
12/6/2017   8 comments
The German Interior Ministry is spearheading an effort to create a new law that would require tech companies to provide backdoors for a range of devices. It's the latest salvo in the war over encryption.
The Security Risk Lurking in the Board of Directors
Simon Marshall  
12/5/2017   2 comments
Corporate boards are a significant security concern, according to new research from Palo Alto Networks. However, there are ways for CSOs to mitigate this internal threat.
Device Servers May Have Leaked Telnet Passwords for Years
Larry Loeb  
12/4/2017   2 comments
A security researcher has found that servers that connect older, industrial hardware to the Internet have been leaking Telnet passwords, possibly for years.
Wearables Bring Privacy & Security Headaches to the Enterprise
Curt Franklin  
12/1/2017   1 comment
A new generation of wearables is creating a new level of vulnerability for business networks.
Identity Issues: A Friday Haiku
Curt Franklin  
12/1/2017   3 comments
Identity matters; the real question is how to figure out who you really are.
Email Bug Shows Flaws in Reporting System
Larry Loeb  
12/1/2017   Post a comment
When one of the world's most commonly used email applications doesn't have a bug-reporting system, things get very public very quickly.

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with