Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Researcher tricks Symantec into revoking certificates based on forged private keys – Comodo did not fall for the same trick [Read More]
Tor launches public bug bounty program with rewards of up to $4,000 per vulnerability, depending on impact and severity [Read More]
Vulnerabilities found by researchers in the Segway miniPRO allow hackers to take control of the hoverboard and possibly cause injury to the rider [Read More]
A security audit of Firefox Accounts revealed a total of 15 issues, including flaws rated critical and high severity [Read More]
A vulnerability dubbed by researchers Devil’s Ivy could affect millions of security cameras and other IoT devices [Read More]
Dow Jones has exposed the details of millions of customers via a misconfigured AWS S3 bucket [Read More]
Fuzzing reveals several DoS and remote code execution vulnerabilities in FreeRADIUS [Read More]
Owner of cheating service Ashley Madison offers to pay $11.2 million to settle data breach lawsuits [Read More]
Boundary protection weaknesses remain the most prevalent in critical infrastructure sectors, according to assessments conducted in 2016 by ICS-CERT [Read More]
Social media giants like Facebook and WhatsApp will be compelled to share encrypted messages of suspected terrorists and other criminals with Australian police under new laws unveiled Friday. [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Lance Cottrell's picture
By surreptitiously monitoring and engaging with potential attackers and malware developers you can successfully gain information about emerging attack methods, patterns, and practices in the cyber underground.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley's picture
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes's picture
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.