News & Views
Content posted in December 2017
Retail Security Threat Season is in Full Swing
Simon Marshall  
12/29/2017   8 comments
Christmas shopping season is over, but shopping -- and threats to retailers and their customers -- is still going strong.
My Cybersecurity Predictions for 2018, Part 3: Protecting Killer Cars
News Analysis  
12/28/2017   12 comments
Death by autonomous auto is coming unless the industry gets security very right. The question is really whether it's already too late.
Nasties Abound: Symantec's Q3 Threat Report
Larry Loeb  
12/27/2017   14 comments
Symantec's Threat Report from the 2017 Q3 shows that malware writers are busier than ever.
Cloud Security Is a Shared Responsibility
Curt Franklin  
12/26/2017   4 comments
In the answer to a question from a recent webinar, editor Curtis Franklin looks at who's responsible for data security in the cloud.
The Hard Work of Pointing Fingers
Larry Loeb  
12/21/2017   13 comments
Pointing the finger at a perpetrator is difficult. Pointing it at the right perpetrator is even harder. That doesn't stop many organizations from trying.
My Cybersecurity Predictions for 2018, Part 2: GDPR Hype Is Hype
News Analysis  
12/21/2017   4 comments
GDPR is the biggest thing in IT privacy and security in a decade. Or its not. Joe Stanganelli on what 2018 will hold in GDPR-driven privacy.
IoT Security Is a Matter of Life & Death
Simon Marshall  
12/20/2017   16 comments
When the IoT enters the hospital room, its security becomes a matter of literal life and death.
Breach Reveals Data on All US Households
Curt Franklin  
12/20/2017   5 comments
Information on every US household has now been stolen. What does that mean for IT security?
My Cybersecurity Predictions for 2018, Part 1: Following Trends & the FTC
News Analysis  
12/19/2017   10 comments
2017 was a wild ride in cybersecurity. It's looking like 2018 won't offer any calmer ride.
Dirty Practices Make for Difficult Security
Simon Marshall  
12/19/2017   1 comment
Data hygiene is low on the priority list for most IT users, and IT security departments end up cleaning up the mess.
Picker Mentality Supercharges Malware
Larry Loeb  
12/18/2017   3 comments
The picker mentality, reusing code and techniques that have worked before, is making malware stronger and more difficult to defend against.
Security for the Broken Business
Curt Franklin  
12/18/2017   7 comments
What is the IT security's responsibility when the business itself is intrinsically secure? The first step may be to point out the obvious.
Everything Is Hackable: Now What?
News Analysis  
12/18/2017   2 comments
When everything is hackable, breach prevention can't be the only tool in the cybersecurity tool chest.
FireEye Researchers Identify Triton Malware in Industrial Systems
News Analysis  
12/15/2017   1 comment
Researchers with FireEye have found traces of a malware called Triton that has targeted industrial systems and other critical infrastructure in much the same way as Stuxnet was.
Office 365 Flaw Could Lead to 'Stealthy Admin' Headaches
Simon Marshall  
12/15/2017   1 comment
A recently discovered flaw in Microsoft's Office 365 suite could meant that a business's so-called "stealthy admins" could compromise security without even realizing it.
Russian DNS Gobbling Up Internet Traffic
Larry Loeb  
12/15/2017   Post a comment
BGPMON researchers have found that Russian DNS servers redirected Internet traffic through Russia several times earlier this month. The question is whether it's a test or a harbinger of things to come.
Small Businesses Are Cybercrime Targets
News Analysis  
12/14/2017   2 comments
Hackers aren't just after the big fish – they're coming after small businesses, as well.
Juniper Looks to Automate Security Policies for Enterprises
News Analysis  
12/14/2017   Post a comment
A skills shortage is making IT security harder: Juniper is looking to address that issue by helping businesses automate the policy process.
Cloud Security Is an Enterprise Responsibility Report
News Analysis  
12/13/2017   4 comments
When it comes to the 'shared responsibility,' enterprises and their cloud providers have equally important roles to play. However, the ultimately responsibility for protecting data falls to the business and its IT and security departments, according to NSS Labs.
5 Critical Cloud Security Questions
News Analysis  
12/13/2017   Post a comment
Security has come to the cloud; here are five questions to ask when it's time for cloud security to come to your organization.
Kaspersky Names WannaCry 'Vulnerability of the Year'
Simon Marshall  
12/12/2017   Post a comment
Of all the breaches, malware and ransomware that security researchers saw this year, WannaCry had the greatest effect, according to Kaspersky Labs.
Automation Answers Security Skills Shortage
News Analysis  
12/12/2017   Post a comment
The often-discussed cybersecurity skills shortage may find a solution in security automation.
enSilo Researchers: Your NTFS Transactions Belong to Us
Larry Loeb  
12/11/2017   6 comments
A pair of researchers from enSilo have disclosed how they created a new vulnerability within Windows-based systems that can compromise NTFS transactions, and the worst part is that security vendors are not prepared.
CFOs: Cybersecurity Is About Risk, Not Vendors
News Analysis  
12/11/2017   Post a comment
At a recent forum for CFOs, panelists discussed the pros and cons of cybersecurity products and vendors in a time where major breaches are occurring every few weeks.
Machine Learning for Ransomware Defense
News Analysis  
12/11/2017   7 comments
Ransomware keeps getting more dangerous but defense is improving, too. Machine learning might be the key to actually keeping up with the level of attacks.
Startup Attivo Advocates for 'Deceptive' Security Protection
Simon Marshall  
12/8/2017   5 comments
When it comes to security, how deceptive should enterprises be to thwart cybercriminals? Attivo Networks and a number of other security startups are advocating a different approach.
More Security Might Not Cure Ransomware
News Analysis  
12/8/2017   11 comments
Ransomware is definitely a security issue, but 'more security' may not be the solution so many are looking for.
Global Security Spending Will Top $96B in 2018 Report
News Analysis  
12/7/2017   2 comments
Gartner is predicting that worldwide spending on security will increase 8% between 2017 and 2018 to reach $96 billion. New regulations, such as the GDPR in Europe, are forcing enterprises to spend more.
Equifax Breach Points to Similar Security Concerns Report
Simon Marshall  
12/7/2017   2 comments
The Equifax breach earlier this year exposed more than 140 million personal records, shocking many people. However, a new Fortinet report shows that the vulnerabilities used in that attack are becoming more common.
Keys to Moving Security to the Cloud
News Analysis  
12/7/2017   1 comment
Security in the cloud may be the security you need; here is how to know where your security should live.
Crypto Wars: The Show That Never Ends
Larry Loeb  
12/6/2017   8 comments
The German Interior Ministry is spearheading an effort to create a new law that would require tech companies to provide backdoors for a range of devices. It's the latest salvo in the war over encryption.
Surviving the Holiday Bot Security Surge
News Analysis  
12/6/2017   6 comments
Bots can make security life interesting at any time. In the holiday shopping frenzy they're going to cause problems for retailers, wholesalers and anyone else touching the public Internet.
Andromeda Botnet Dismantled by International Law Enforcement Coalition
News Analysis  
12/5/2017   4 comments
The FBI, along with several other European law enforcement agencies, shut down the massive Andromeda Botnet, which was involved in 80 different malware families and infected millions of PCs.
The Security Risk Lurking in the Board of Directors
Simon Marshall  
12/5/2017   2 comments
Corporate boards are a significant security concern, according to new research from Palo Alto Networks. However, there are ways for CSOs to mitigate this internal threat.
Security Lessons From Japanese Castles
News Analysis  
12/5/2017   1 comment
The design of feudal Japanese castles can teach us a lot about modern computer security.
Device Servers May Have Leaked Telnet Passwords for Years
Larry Loeb  
12/4/2017   2 comments
A security researcher has found that servers that connect older, industrial hardware to the Internet have been leaking Telnet passwords, possibly for years.
Too Many Alerts: A Holiday Infosec Horror Story
News Analysis  
12/4/2017   1 comment
Too many alerts can be as catastrophic as too few. But how do you manage to get just enough warning messages?
Wearables Bring Privacy & Security Headaches to the Enterprise
Curt Franklin  
12/1/2017   1 comment
A new generation of wearables is creating a new level of vulnerability for business networks.
Identity Issues: A Friday Haiku
Curt Franklin  
12/1/2017   3 comments
Identity matters; the real question is how to figure out who you really are.
Email Bug Shows Flaws in Reporting System
Larry Loeb  
12/1/2017   Post a comment
When one of the world's most commonly used email applications doesn't have a bug-reporting system, things get very public very quickly.

Latest Articles
Cisco's research has proven that beyond meeting compliance requirements, good privacy is good for business and individuals.
Once again, a novel 'speculative execution side-channel' attack has been discovered by researchers.
Security researchers have found that the implementation in Remote Desktop Gateway of string segmentation lays it open to memory corruption vulnerabilities.
In Q4 of 2019, the average ransom payment increased by 104% to $84,116, finds Coveware report.
DHS-CISA has issued a security advisory about GE Carescape medical instrumentation that enumerates many vulnerabilities present in them.
Information Resources
upcoming Webinars
Top Tips for Blocking pwned [email protected]$$wOrds in Your Organization
Tuesday, October 29, 2019
12 p.m. New York/ 4:00 p.m. London
Podcast: Infrastructure Hunting – Stopping Bad Actors in Their Tracks
Being able to effectively build a threat intelligence ecosystem or threat-hunting identification response requires both user and systems sophistication and capabilities. Security, orchestration, automation and response (SOAR) is a new technology designed to provide organizations a single comprehensive platform they can use to implement an intelligence driven security strategy.
Podcast: Digital Transformation, SD-WAN & Optimal Security
Dan Reis chats to Cybera's Josh Flynn about how to achieve digital transformation without sacrificing security.
Podcast archive
Flash Poll
In a wide-ranging interview, Cisco security boss Gee Rittenhouse talks about how machine learning, AI, blockchain and other emerging technologies ...
CloudPassage's new technology, called Container Secure, involves a five-step process to ensure seamless security in container deployments from the ...
You can't so much as go to a coffee shop today without hearing the word 'blockchain.' Hearing about a useful blockchain is less common, but ...
Last year, 60 million companies changed owners worldwide. That turnover makes it incredibly difficult to avoid doing business with entities (e.g., ...
Keith Furst of Data Derivatives interviews Daniel Wagner, author of a new book, Virtual Terror: 21st Century Cyber Warfare. They discuss the ways ...
All Videos
Sponsored Video
Sage Wagner, senior security pre-sales engineer with RiskSense, provides a demo of the company's latest technology 'RiskSense Solution,' a ...
Janus Technologies is launching a line of products that protect against the many threats to enterprises' sensitive data. David Schultz, vice ...
This new video will inspire companies to reimagine their business for success in a world where connectivity is more than a commodity. Sponsored Video
All Videos
like us on facebook
Security Now
About Us     Contact Us     Help     Register     Events     Supporting Partners     Twitter     Facebook     RSS
Copyright © 2020 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved. Privacy Policy | Cookie Policy | Terms of Use
in partnership with