April 30, 2014 Added by:Tripwire Inc
For all of the chaos and exposure that came with the Heartbleed OpenSSL vulnerability, there is one thing that the security community got right – broad, loud communication to everyone and their mother.
April 23, 2014 Added by:Tripwire Inc
Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.
April 22, 2014 Added by:Anthony M. Freed
NIST has officially announced the decision to remove the cryptographic algorithm from its revised guidance on random number generators
April 16, 2014 Added by:David Navetta
Overall, in most cases, the Heartbleed vulnerability and associated security and legal risk is manageable as long as organizations take swift action to remediate their risk.
April 16, 2014 Added by:Tripwire Inc
One of the basic security measures that every company should be taking is giving security awareness training to its employees.
April 16, 2014 Added by:Rebecca Herold
The OpenSSL Heartbleed vulnerability has resurrected the age-old debate of whether or not open source code is more or less secure than proprietary code.
April 15, 2014 Added by:Tripwire Inc
One common theme across the information organizations that I work with is that everyone wants to do the right thing. Unfortunately, that often means onerous and complicated security policies that translate into awkward steps that users must take.
April 10, 2014 Added by:Dan Dieterle
The Internet is plastered with news about the OpenSSL heartbeat “Heartbleed” (CVE-2014-0160) vulnerability that some say affects up to 2/3 of the Internet.
April 07, 2014 Added by:Dan Dieterle
“Spear phishing fraud” has been used by hackers impersonating federal entities to create fraudulent orders for large amounts of PC supplies including toners, ink cartridges and even laptops.
April 03, 2014 Added by:Electronic Frontier Foundation
We were thrilled to hear today that Yahoo is carrying through a concerted effort to protect users across its sites and services by rolling out routine encryption in several parts of its infrastructure
Making Sense of Split Tunneling ... Kang Usman on 09-01-2014
The Indelicate Balance Between "Keep it Work... Matthew Harvey on 08-30-2014
Time to Say Goodbye to Admin Privileges... Matthew Harvey on 08-30-2014