Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Company confirms cybercriminals used malware to steal payment card data from nearly 40 Shoney’s restaurants [Read More]
British payday loan company Wonga suffers data breach. The incident could affect up to 270,000 current and former customers [Read More]
QNAP patches 20 vulnerabilities in NAS products, including ones that can be exploited to take control of affected devices [Read More]
Certificate validation vulnerability in Apple Music for Android allows MitM attackers to intercept sensitive user data [Read More]
Honeywell has launched a new product designed to protect industrial facilities from USB-borne threats [Read More]
The International Association of Athletics Federations (IAAF) says Fancy Bear cyberspies breached its systems and accessed athlete medical records [Read More]
Schneider Electric patches several vulnerabilities in Modicon PLCs and Wonderware InTouch HMI products [Read More]
WikiLeaks publishes information and source code for framework used by CIA to make analysis of its tools and attribution more difficult [Read More]
Nearly 1.4 billion data records were compromised in 2016, according to Gemalto’s latest Breach Level Index [Read More]
Google researcher Tavis Ormandy has identified a new vulnerability in the LastPass browser extension. LastPass is working on a fix [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.
Travis Greene's picture
Whether US government officials improve their handling of classified information in the new administration or not, industry can certainty learn from the blunders and reduce risks.
Eddie Garcia's picture
To reduce the chances of falling victim to an insider-driven breach, security and risk professionals should start by learning what their available data can tell them.
Aditya Sood's picture
The cloud is here to stay, and so long as employees use cloud apps from within an organization’s firewall, we’ll always have to wrangle with Shadow IT, Shadow Data and the attendant problems and risks.
Steven Grossman's picture
Beginning November 30, 2016, DoD third party contractors will be required to establish and maintain an insider threat program.
Eddie Garcia's picture
This article explains how to encrypt data in a Hadoop cluster. The tools are available, and if you are brave enough, you could attempt this at home.
Eddie Garcia's picture
A common misconception about native HDFS encryption is the belief that the data is encrypted when written to disk on the data nodes like most disk encryption solutions.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Bill Sweeney's picture
Enterprises have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.