Security

Security | News, how-tos, features, reviews, and videos

trojan horse malware virus binary by v graphix getty

What is a Trojan horse? How this tricky malware works

A Trojan horse is a type of malware that can wreak havoc on computer networks — but only with your unwitting help.

speedometer / speed / fast / high performing / limits

A new website explains data breach risk

Breach Clarity ranks the risk of stolen or exposed personal data. It's a much needed work in progress.

7 safe browswer search legitimate url domains surfing the internet

Google asks Chrome users for help in spotting deceptive sites

An add-on being offered by Google for its Chrome browser will allow users to report suspicious or unsafe websites.

CSO > Security automation

New MongoDB field-level encryption can help prevent data breaches

MongoDB aims to prevent exposed data stores by encrypting data in a way that makes it useless if compromised.

mike assante cyber security guru by ryan g poirier

Mike Assante’s lasting impact on critical infrastructure security (and me)

Thanks to Mike Assante, critical infrastructure stakeholders have a better understanding of and ability to respond to cybersecurity risks.

dns veteran paul vixie internet pioneer by jamie rain lunch break headshots

DNS hijacking grabs headlines, but it’s just the tip of the iceberg

DNS pioneer Paul Vixie contemplates missed opportunities for improving internet security and advocates for widespread use of DNSSEC, which he helped create, and which he believes would go a long way toward improving DNS security.

Report: Mirai tries to wrap its tentacles around SD-WAN

Palo Alto Networks’ security team says an update of the infamous IoT-focused Mirai software targets enterprise-grade SD-WAN appliances

keep out sign do not tresspass privacy authentication access barbed wire by tim husser getty

What is PKI? And how it secures just about everything online

Public key infrastructure (PKI) is a catch-all term for everything used to establish and manage public key encryption, one of the most common forms of internet encryption. It is baked into every web browser in use today to secure...

rambleed ram memory card hardware hack breach binary by 13threephotography getty

Rowhammer variant RAMBleed allows attackers to steal secrets from RAM

Unlike Rowhammer, which only allows for data corruption, the newly discovered RAMBleed vulnerability provides a way to grab data such as encryption keys from memory.

3 patch training update software band aid laptop with virus binary

Microsoft is better at documenting patch problems, but issues abound

For years we’ve been flailing around in the dark after bad patches wreaked havoc on Windows PCs. It often took days, or weeks, to identify bugs based on sporadic reports. The last two months have seen improvement, but there's still a...

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Why the Huawei ban is bad for security

Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.

mozilla firefox primary

Mozilla makes anti-tracking the Firefox default

The Enhanced Tracking Protection technology, which Mozilla has been talking up since 2015, is part of Firefox 67.0.1.

nwan 019 iiot

Cisco to buy IoT security, management firm Sentryo

Buying Sentryo will give Cisco support for anomaly and real-time threat detection for the industrial internet of things.

8 getting breached is bad for business

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here's a detailed analysis by Bitdefender of an attack on one bank.

CSO > Phishing attacks that bypass two-factor authentication

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

CSO > Security mechanisms vs. fiery threats

Public SAP exploits could enable attacks against thousands of companies

A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances. Here's what companies using SAP should do.

CSO > Micsoroft Windows logo emblazoned on a security shield in a field of abstract binary data.
Updated

Best new Windows 10 security features: Windows Sandbox, more update options

Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 1903 feature release.

CSO > phishing / social engineering / security threat

Cisco security spotlights Microsoft Office 365 e-mail phishing increase

The leading e-mail service— in Microsoft’s Office 365 package – seems to be getting the most attention from those attackers hellbent on stealing enterprise data or your private information via phishing attacks.

European Union, EU

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

crypto currency circuit nodes digital wallet bitcoin blockchain

AT&T becomes first big mobile carrier to accept Bitcoin payments

AT&T joins a small list of e-commerce businesses who now accept cryptocurrency, a form of payment growing in popularity – especially among younger customers.

Load More