Sign up for our weekly newsletter!
News & Views
Content posted in November 2017
IoT Regulation Could Save the Internet
News Analysis  
11/30/2017   Post a comment
Momentum may be building for meaningful (and useful) security regulations for the IoT.
AWS Adds Security Management to Growing Portfolio
Simon Marshall  
11/30/2017   Post a comment
AWS has announced major new security management features for its massive public cloud infrastructure.
Major Apple Flaw Found, Fixed & Still Dangerous
Curt Franklin  
11/29/2017   13 comments
A vulnerability in MacOS High Sierra could leave Macs open and vulnerable in the world of the Internet.
Intel Management Engine Has a Big Problem
Larry Loeb  
11/29/2017   9 comments
Intel's Management Engine has a vulnerability that could allow an attacker to own your entire system. And they aren't planning to fix it.
AI Prepares for Security Spotlight
Simon Marshall  
11/29/2017   1 comment
Versive puts AI to work finding and identifying cybersecurity threats.
Aporeto Launches Zero Trust Security Solution
Curt Franklin  
11/28/2017   2 comments
A new security approach from Aporeto assumes that your network security is leaky as a sieve.
PreVeil Pushes Encryption Past the End
Simon Marshall  
11/28/2017   1 comment
PreVeil is pushing encryption beyond its normal endpoints to protect data wherever it is.
McAfee Buys SkyHigh Networks for CASB Functions
Curt Franklin  
11/27/2017   Post a comment
McAfee has announced that it is purchasing CASB pioneer Skyhigh Networks to bring cloud security to the endpoint security giant.
DDoS Attacks Trend in a Bad Direction
Simon Marshall  
11/27/2017   2 comments
DDoS attacks aren't going away; they're becoming larger, more frequent and more frequently used in conjunction with other attacks.
Microsoft Misses Memory Mistake: The Security That Wasn't
Larry Loeb  
11/27/2017   Post a comment
An error in implementing a security routine means millions of users thought to be protected against a particular attack were actually more vulnerable than ever.
Security Executives Respond to Uber Breach News
Curt Franklin  
11/22/2017   36 comments
The news from Uber is rippling across the business landscape. Executives and leaders have a variety of responses to the breach and its aftermath. Here's a roundup of some of those reactions.
Uber Loses Customer Data: Customers Yawn & Keep Riding
News Analysis  
11/22/2017   57 comments
Uber's latest breach revelations offer lessons in how not to respond to a breach. Is it a good thing, or a bad thing, that customers don't seem to care?
Common Sense Means Rethinking NIST Password Rules
News Analysis  
11/21/2017   2 comments
NIST has provided guidance on passwords but those rules conflict with the real world. The world isn't changing, so the guidance should shift.
It's Inevitable: You've Been Hacked
Curt Franklin  
11/20/2017   4 comments
If your personal information is available on the Internet, you should assume that a hacker has it.
The Face of Enterprise Security
Larry Loeb  
11/20/2017   14 comments
Facial recognition is starting to grow as a technology on consumer devices; what does that mean for your enterprise security?
Quad9 Brings Secure DNS to the Masses
Curt Franklin  
11/17/2017   2 comments
An industry alliance has introduced Quad9, a free DNS service that can protect users from phishing, bots and malware websites.
Friday Haiku: A Shopping Chill
Curt Franklin  
11/17/2017   62 comments
A cautionary note for the season in this week's Friday Haiku.
Barracuda Launches Next-Gen Cloud Firewalls
Curt Franklin  
11/17/2017   2 comments
A new set of features makes Barracuda's newest firewalls 'cloud-generation' services.
10 Clues That Network Traffic Is Bad
News Analysis  
11/16/2017   Post a comment
Threats often come in the form of bad network traffic. These 10 tips tell you whether bad traffic is worth worrying about.
Kaspersky Takes on 2018
Simon Marshall  
11/16/2017   3 comments
Kaspersky Labs has released its security predictions for 2018 and there are troubling trends ahead.
iPhone's Facial Recognition Shows Cracks
Curt Franklin  
11/15/2017   2 comments
A research firm says that it has successfully spoofed the facial recognition technology used in Apple's flagship iPhone X.
Should Security Silos Still Stand?
Simon Marshall  
11/15/2017   Post a comment
DevSecOps would tear down every functional silo in security. Is that a good thing, or do corporate silos still serve a valuable purpose?
The Gift of Simple Security
Simon Marshall  
11/14/2017   1 comment
Alert Logic's Marc Willebeek-Lemair has seen complex security and now thinks that simple solutions are the best for most enterprises.
SOCs Become Service Targets
Curt Franklin  
11/13/2017   Post a comment
MSSPs are becoming SOCaaS providers. Is it a natural evolution or a short-lived phenomenon in the as-a-service world?
Cybersecurity Skills Gap Hits Across the Board
Curt Franklin  
11/13/2017   Post a comment
The massive shortfall in cybersecurity professionals is having an impact on organizations of all types and sizes.
New Research: Phishing Is Worse Than You Thought
Curt Franklin  
11/10/2017   4 comments
A new report led by Google researchers shows that phishing attacks are incredibly effective at stealing useful credentials from users.
No Lock-Pick Required: The Friday Haiku
Curt Franklin  
11/10/2017   3 comments
Why pick a lock when keys are so common?
Dispatch From the CyberWar: An Interview With Joseph Carson
Simon Marshall  
11/10/2017   Post a comment
Joseph Carson was on the ground when Estonia suffered a series of massive cyber attacks. In this exclusive interview, he talks about what happened and what the world should learn.
GDPR: Broad, Complex & Coming Soon
News Analysis  
11/9/2017   2 comments
GDPR will likely have an impact on your business very soon – whether or not you have a location in the EU.
Security Must Stand Up to Bullying, Harassment
Curt Franklin  
11/9/2017   1 comment
Today's IT security is about much more than data loss. It's time for the security group to embrace its role in protecting the people within the organization.
Developers Lack Confidence in Application Security
Curt Franklin  
11/8/2017   1 comment
A new survey says that developers aren't confident that their applications are secure – but they find solace in obscurity.
SlashNext Seeks an End to the Sandbox
Simon Marshall  
11/8/2017   1 comment
Sandboxing isn't effective in the modern world, according to startup SlashNext. But what, precisely, comes next?
GPS Comes Under Spoofing Attack
Curt Franklin  
11/7/2017   2 comments
A spoofing attack leaves ships reported at airports and captains answering alarms from every system.
Gladius Brings Distributed Defense to DDoS
Andy Patrizio  
11/7/2017   1 comment
You can either build dozens of data centers or you can harness millions of volunteer clients to deal with DDoS. Which one would you choose?
This Aggressive Panda Steals Your Credentials
Simon Marshall  
11/6/2017   3 comments
Zeus Panda can sneak in through a search engine and leave with all your credentials.
A Blockchain Platform: The Security Now Bloqchain Science Interview
Security TV  
11/6/2017   1 comment
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but putting the distributed ledger technology to good use is the idea behind Bloqchain.
Friday Haiku: Snow-Capped Mountains
Curt Franklin  
11/3/2017   7 comments
How much ID theft is coming this season?
Synopsys Swallows Black Duck in $565M Deal
Curt Franklin  
11/3/2017   Post a comment
Black Duck has become part of Synopsys in a deal that brings open source expertise to the Synopsys software integrity platform.
Recorded Future Takes $25M in Final Funding Round
Simon Marshall  
11/3/2017   1 comment
Recorded Future finishes venture funding with money to build out a threat intelligence platform.
New Ransomware Attack Targets Japan
Curt Franklin  
11/2/2017   4 comments
ONI is the latest ransomware attack, but this time encrypted files are just the beginning.
Open Source is Getting Safer
Simon Marshall  
11/1/2017   6 comments
Open source is not unsafe by nature, and a new report has numbers to back that up. If your software is unsafe, blame programming, not the license.
WannaCry Was an Avoidable Mess for NHS
Curt Franklin  
11/1/2017   2 comments
A new report says that the UK's NHS could have avoided WannaCry entirely. Is it possible to secure a network from the ravages of bottom-line focused management?
Demisto Brings Bots to Security Noise
Simon Marshall  
11/1/2017   1 comment
A Security Now company profile of security automation firm Demisto.

Latest Articles
Palo Alto Network's Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Artificial intelligence (AI) is creating a new frontier in information security. Systems that independently learn, reason and act will increasingly replicate human behavior. Just like humans, they will be imperfect, but also capable of achieving great things.
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with