Sign up for our weekly newsletter!
News & Views
Content posted in October 2017
Ted Schlein: Interview With a Capitalist
Curt Franklin  
10/31/2017   2 comments
Ted Schlein is a partner with the most storied venture capital fund in Silicon Valley. When Ted talks about cybersecurity, people listen.
A New Fence: The Software-Defined Perimeter
News Analysis  
10/31/2017   4 comments
The network perimeter is dead: Long live the new perimeter! The boundary of your enterprise network can now be defined by software – but is that the right answer for your organization?
The 5 Nightmare (Breaches) Before Halloween
News Analysis  
10/30/2017   7 comments
You're going to be hit by a breach. Which one, and in what guise it comes, will determine just how scary it's going to be.
CAPTCHA Is Vulnerable
Larry Loeb  
10/30/2017   22 comments
A group of researchers have demonstrated a vulnerability in the widely used CAPTCHA scheme – a vulnerability that may mean the end of CAPTCHA as we know it.
Ted Schlein Hates Passwords
Curt Franklin  
10/27/2017   64 comments
He hates user names, too, and thinks we should get rid of them. In a keynote address at Networking the Future in Tampa, Fla., he discussed why.
Kaspersky's US Gov Woes Continue
Simon Marshall  
10/27/2017   5 comments
Kaspersky has admitted that its software grabbed a classified file from a private computer. Does it prove the US government's claims – or prove that Kaspersky is a good global citizen?
Is Your Security Military-Grade?
Curt Franklin  
10/26/2017   4 comments
Simple civilian security won't cut it for most businesses. It's time to take your cybersecurity mil-spec.
Ways to Win the Security Skills Challenge
News Analysis  
10/26/2017   3 comments
Finding and keeping skilled security professionals is hard. But there are ways that can work to keep your best employees on-board and happy.
Bad Rabbit Breeds Ransomware Fears
Curt Franklin  
10/25/2017   2 comments
A new breed of ransomware has hit Russia and Eastern Europe. Bad Rabbit could hop the Atlantic and wreak havoc on North American systems.
Will Transparency Save Kaspersky?
Simon Marshall  
10/25/2017   4 comments
Kaspersky is trying radical transparency to counter accusations that it acts as a front for Russian intelligence. Will it be enough to quiet the skeptics?
A New BotNet Is Growing: Are You Already Part of Its Army?
Curt Franklin  
10/24/2017   3 comments
The IoT_Reaper botnet is new and growing. Are your IoT devices already part of a criminal system that will cripple the Internet?
CNCF Adopts 2 Container Security Projects
Curt Franklin  
10/24/2017   Post a comment
A pair of new open source container security projects find a home at the CNCF. Enterprise Cloud News' Scott Ferguson reports the details.
You Must Know Blockchain
Curt Franklin  
10/23/2017   2 comments
Even if you're not planning to use it any time soon, the signs are clear: You must know the technology of blockchain.
The Simplicity of a Wordpress Hack
Larry Loeb  
10/23/2017   18 comments
The latest Wordpress hack is serious, but it's not part of some grand conspiracy among hackers.
Financial Institutions Lack Confidence in Their Own Defenses
Curt Franklin  
10/20/2017   1 comment
Financial institutions are fighting fraud with tools that aren't completely up to the task, according to the results of a new survey out this week.
Contesting Control of Container Security
Simon Marshall  
10/20/2017   2 comments
Who should control container security? It's a question that is gaining importance as containers become a favored mechanism for enterprise development.
How Can You Beat the Widespread ROCA?
Curt Franklin  
10/19/2017   1 comment
ROCA is a vulnerability hitting millions of devices. How can you tell if yours are affected – and what can you do if they are?
GDPR Pressure Begins on US Multinationals
Simon Marshall  
10/19/2017   Post a comment
GDPR may be an EU regulation but it will have a significant impact on US companies doing business with any European customer, and the impact will start soon.
Can the IoT Be More Secure?
News Analysis  
10/19/2017   1 comment
The IoT has lots of insecurity built in – but here are some ways to make it more secure.
Necurs Malware Wants a Selfie With Your Desktop
Curt Franklin  
10/18/2017   8 comments
Necurs has returned and this time it's carrying a payload that takes a picture of your desktop.
McAfee Brings AI to Security With New Products
Curt Franklin  
10/18/2017   1 comment
McAfee has announced new products at MPOWER – products that bring AI and machine learning to security analytics.
KRACK Attack: How Enterprises Can Protect Their WiFi
Curt Franklin  
10/17/2017   7 comments
A flaw in the WPA2 protocol means that most WiFi networks worldwide are open to successful attack.
Attivo Goes On the Attack Against Hackers
Simon Marshall  
10/17/2017   2 comments
Attivo gets $21 million in new funding to take the fight to hackers through advanced deception.
HONEST Poll Results: How Much Should You Encrypt?
Curt Franklin  
10/16/2017   6 comments
What is the 'Goldilocks Zone' when it comes to encryption? Security Now community members speak out in our latest poll.
CoinHive Mines New Malware Potential
Larry Loeb  
10/16/2017   3 comments
Some websites have developed a new revenue stream. Unfortunately, it involves placing malware on visitors' computers.
Cisco Talos Team Tackles Top-Tier TXT Threat
Simon Marshall  
10/13/2017   1 comment
Talos researchers have taken down an attack aimed at the Securities and Exchange Commission.
Risk & Reality Take Different Paths in Cybersecurity
Curt Franklin  
10/13/2017   3 comments
A new study by Barracuda shows once again that the reality and perception of cyberrisks are two very different things.
Security by Discomfort
News Analysis  
10/12/2017   3 comments
If you want to bridge the talent gap, look beyond the usual pool of corporate candidates to fill infosec positions.
ShiftLeft Secures Code Pre-Threat
Simon Marshall  
10/12/2017   4 comments
Startup ShiftLeft is moving security forward in the software development lifecycle.
Final Decision in Dreamhost Battle With DOJ
Curt Franklin  
10/11/2017   Post a comment
In the legal battle between the Department of Justice and Dreamhost, a resolution and a victory.
Rowhammer Attack Pounds With Precision
Larry Loeb  
10/11/2017   1 comment
A new variant of the Rowhammer attack can work around every known defense.
How Companies Avoid Doing Business With Sanctioned Entities
Security TV  
10/10/2017   1 comment
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., Russia and Iran) or individuals (e.g., drug dealers or terrorists) sanctioned by the US government. In this video, Bureau van Dijk's Anders Rodenberg explains the Office of Foreign Assets Control (OFAC) '50% rule' and how companies can ensure they're in compliance with it.
PoohMilk Is Advanced Spear-Phishing
Simon Marshall  
10/10/2017   3 comments
A new vulnerability in Microsoft Office means a new opportunity for phishing – and PoohMilk answers the call.
Where Should Security Live?
News Analysis  
10/6/2017   3 comments
Security can sit in many locations. Where is the best spot for your organization's security center?
Friday Haiku: Waves in the Harbor
Curt Franklin  
10/6/2017   5 comments
Do calm winds aloft mean peaceful waves at anchor?
SONIC Quiet on Data Breach Details
Simon Marshall  
10/6/2017   10 comments
Drive-in restaurant chain SONIC has suffered a breach but customers and the public are still looking for critical details.
Gartner Says Real Security Starts With a Mission
Curt Franklin  
10/6/2017   1 comment
Security for the digital organization starts with a mission that has executive support; the process from mission to execution is step-by-step.
CLKSCREW Hack Breaks Hardware With Software
Larry Loeb  
10/5/2017   4 comments
A new technique can hack into even secure systems by overwhelming with simple commands.
Finding the AI ROI
Simon Marshall  
10/5/2017   Post a comment
Is AI a good security investment? Many say yes, but it depends on how you deploy your artificial intelligence.
Yahoo Breach News Just Gets Worse
Curt Franklin  
10/4/2017   36 comments
It turns out that more than 3 billion accounts were compromised in the Yahoo breach originally disclosed last year.
Simple Steps to Online Safety for Cybersecurity Awareness Month
News Analysis  
10/4/2017   12 comments
National Cybersecurity Awareness Month is a great time to give your users a new list of security tips.
Gartner Lists Security Trends for 2018
Curt Franklin  
10/3/2017   1 comment
A session at Gartner Symposium/ITxpo laid out security trends for the coming year.
A Month for Cybersecurity
Simon Marshall  
10/3/2017   2 comments
It's National Cybersecurity Awareness Month, a time to think about, plan and deploy better cybersecurity for your organization.
Gartner Analysts See AI Augmenting Security
Curt Franklin  
10/2/2017   Post a comment
Gartner analysts don't think AI will replace humans in security; instead it will be a critical piece of a better security infrastructure.
Gartner Symposium Opens in Orlando
Curt Franklin  
10/2/2017   1 comment
Gartner Symposium ITXpo is opening today in Orlando. Security Now is there to bring you the latest from the analysts and consultants at one of the most influential firms in the IT industry.
Sunflower Security Mixes Lights, Drones for Safer Buildings
Simon Marshall  
10/2/2017   Post a comment
A new security company may change the way we think about residential security.
Security Fails in Third-Party Hands
Larry Loeb  
10/2/2017   2 comments
Your security may rest in the hands of a third party – and those hands will probably let you down.

Latest Articles
Palo Alto Network's Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Artificial intelligence (AI) is creating a new frontier in information security. Systems that independently learn, reason and act will increasingly replicate human behavior. Just like humans, they will be imperfect, but also capable of achieving great things.
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with