Security

Security | News, how-tos, features, reviews, and videos

CSO  >  Digital identity  >  personal identity / recognition + access authentication / personal data

Taxpayer First Act: Improving identity verification and modernizing the IRS

With citizens' PII at risk, some federal agencies like the IRS are moving away from knowledge-based verification. It's time for them all to follow suit.

fedora hat black hat detective spy

The best and worst of Black Hat 2019

Security rock stars? Fake science? This year's Black Hat had it all.

CSO  >  malware / virus / security threat / protective antivirus shield

Best antivirus software: 10 top tools

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance, and usability.

7 safe browswer search legitimate url domains surfing the internet

Chrome, Firefox to expunge Extended Validation cert signals

Google and Mozilla have decided to eliminate Extended Validation signals in their desktop browsers; the certificates were designed to assure users they landed on a legitimate site, not a malicious copycat.

Windows security and protection [Windows logo/locks]

More critical Remote Desktop flaws expose Windows systems to hacking

Microsoft finds and fixes multiple RDS and RDP vulnerabilities in Windows, but new research on BlueKeep patch rates suggests many machines could remain exposed.

CSO > IoT / Internet of Things, unencrypted/unsecured/vulnerable

ICS security: Popular building management system vulnerable to takeover

Remotely exploitable vulnerability in internet-connected devices gives attackers a means to cause disruption and damage in a wide range of industries.

election hacking security 2020 election security flag global breach by stuartmiles99 getty

U.S. Rep Lieu hopeful for election security bill prospects

Congressman sees Republican softening on gun legislation as a sign they might be willing to consider election security. Calls on the security community to expose election system weaknesses.

mobile phone - privacy - security

The best privacy and security apps for Android

Forget malware scanners or over-the-top security suites: These are the apps that'll actually improve your security and protect your privacy on Android.

many office desk phones

Popular Avaya enterprise VoIP phones are vulnerable to hacking

Attackers can use the vulnerability to gain complete control of the phone. It underscores the risks of using old open-source code in IoT devices.

teamwork collaboration / leadership / development / developers / abstract data

Black Hat keynote: Why security culture needs to change

Dino Dai Zovi tells Black Hat audience to embrace a culture where security is everyone's job and risks are shared. Automation with feedback loops also key to solving security challenges at scale

p1240491 19

Microsoft relaxes telemetry rule for PCs managed with Windows Update for Business

A rule that kept privacy-first organizations from using group policies to manage the update service will no longer have to set the "diagnostic data level" for devices to Basic or above.

compromised data / security breach / vulnerability

New Spectre-like CPU vulnerability bypasses existing defenses

The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation.

Russian hammer and sickle / binary code

Microsoft finds Russia-backed attacks that exploit IoT devices

Microsoft says default passwords, unpatched devices, poor inventory of IoT gear led to exploits against companies by Russia's STRONTIUM hacking group.

Slack logo/wordmark [2019]

Slack beefs up mobile security controls for Enterprise Grid

The latest updates to security controls for Slack’s enterprise-grade collaboration app are designed to make it easier to manage data on a range of devices.

product 24593 product shots1 image

Train to become an ethical hacker for only $39

The 2019 Ethical Hacker Master Class Bundle features 10 courses on how to combat security threats, and it even includes prep material for CompTIA certifications.

computer infection spreading

What is a computer worm? How this self-spreading malware wreaks havoc

A worm is a form of malware (malicious software) that operates as a self-contained application and can transfer and copy itself from computer to computer.

performance / show / stage

7 must-see talks at Black Hat and DEF CON 2019

Information security is fundamentally political. It's refreshing to see so many talks this year that merge policy and technology.

hacker / cryptocurrency attack

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

lawsuit judge law court decision sued money

Cisco pays $8.6M to settle security-software whistleblower lawsuit

Cisco will pay $2.6 million to the federal government and up to $6 million to 15 states in a settlement over video security software it stopped selling in 2014

Internet of things face

Remote code execution is possible by exploiting flaws in Vxworks

Critical vulnerabilities have been found in WindRiver’s VxWorks’ real-time operating system that powers an advertised 2B connected devices, including some networking gear.

Load More