Security

Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

data center servers and monetary symbols

security risk - phishing / malware / social engineering

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

iPhone security / unlocking, hacking or breaking into iPhone

How to use a strong passcode to better secure your iPhone

With at least two companies selling technology that can be used by law enforcement and government agencies to unlock iPhones, this would be a good time to safeguard your information with a stronger passcode. Here's how.

windows hello fingerprint

What is Windows Hello? Microsoft’s biometrics security system explained

Windows Hello gives Windows 10 users an alternative way to log into their devices and applications using a fingerprint, iris scan or facial recognition. Here’s what the technology does, who uses it and the hardware required.

facebook face recognition settings

Facebook says GDPR means ‘new privacy experiences for everyone’

Facebook will ask all its users to make decisions about how they want advertising on the platform personalized to their interests, and whether to continue sharing religious, relationship or political information on their profiles, as...

adrian sanabria
video

Is it time to kill the pen test? | Salted Hash Ep 22

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping...

01 hot products at rsa 2018

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

iPhone security / unlocking, hacking or breaking into iPhone

Two vendors now sell iPhone cracking technology – and police are buying

Local and regional police departments and federal agencies are lining up to buy technology from two companies whose products can bypass iPhone security mechanisms.

Adobe logo and products reflected in displays.

Adobe’s CSO talks security, the 2013 breach, and how he sets priorities

Brad Arkin has led Adobe's new approach to security and aims to make sure one of history’s biggest data breaches doesn’t happen again.

patch

6 steps for a solid patch management process

Patch management is simply the practice of updating software – most often to address vulnerabilities. Although this sounds straightforward, patch management is not an easy process for most IT organizations. Here are the steps you need...

social media multiple logos

Reputational risk and social media: When you're blocked or banned without notice

Businesses depend on sites like Facebook, Twitter, Dropbox, and Apple to interact with customers, promote their messages and store content. One complaint against you can shut you off from those services and damage your brand.

saas kaboom

Cisco broadens Tetration security delivery with cloud, virtual buying options

Cisco's Tetration-V and Tetration-SaaS give businesses interested in the security-analytics platform the option of a cloud service or software that runs on virtual appliances.

IBM Z mainframe

IBM tweaks its z14 mainframe to make it a better physical fit for the data center

IBM is making rack-mounted versions - ZR1 and Rockhopper II - of its latest z14t mainframe, that are able to securely run containerized software.

data breach thinkstock

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

global network connections / transactions

How blockchain could solve the internet privacy problem

Blockchain, with its encrypted and immutable record, will eventually be used create universal digital identities, filled with information that only we will control and that will link back to the issuing banks, governments or even...

fact fiction debunk myths truth

5 myths of API security

In light of Panera Bread’s API-related data breach, here what is — and isn’t — true about protecting application programming interfaces.

security vulnerabilities such as hackers and cyberattacks

What hackers do: their motivations and their malware

Whether a hacker uses a computer exploit or malware, their motivations are the same. Understanding why and how hackers hack is key to your defense.

Election 2016 teaser - Electronic voting security

Voting machine vendor firewall config, passwords posted on public support forum

"This is gold" for a nation-state attacker that wanted to hack an election.

honeybot

Malicious IoT hackers have a new enemy

A robot called HoneyBot, designed by researchers at Georgia Tech’s School of Electrical and Computer Engineering, can fool bad actors into believing they have compromised an IoT device and send alerts of the attack to hasten defensive...

Load More