Vulnerabilities

18d2ccc39431a1f63d67dd3252263400

The Hidden Security Risks of Cloud APIs

December 02, 2016 Added by:Sam Rehman

With the inherent security flaws taken care of, cloud software can take full advantage of the benefits of APIs without exposing themselves or their clients to attack.

Comments  (0)

3dd71538193c3acd65ec65f95a45ac0b

What Is ID and Verification and Why Is It Such an Integral Part of Digital Life?

September 23, 2016 Added by:David Poole

ID&V is part of our lives and while there might be complaints about the inconvenience that obtrusive security plays in digital commerce, it is still an improvement on how things used to be.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

What Elements Are Needed for Security Analytics Success?

August 23, 2016 Added by:Mike Paquette

Not all security analytics solutions are created equal. There are five key characteristics critically important to ensuring that your security analytics are effective and capable of stopping today’s advanced threats.

Comments  (0)

459a952dc77e8d9757246964dee7fd18

Pragmatic Steps to Manage File Data Leakage Risks

August 18, 2016 Added by:Scott Gordon

Next generation F-DRM solutions offer an effective and flexible technical control that can be applied today to reduce file data leakage risks across different infrastructure, collaboration methods, user types and business requirements.

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

SAP Cyber Threat Intelligence Report – August 2016

August 11, 2016 Added by:Alexander Polyakov

SAP has released the monthly critical patch update for August 2016. This patch update closes 30 vulnerabilities in SAP products including 26 SAP Security Patch Day Notes and 4 Support Package Notes.

Comments  (0)

Bff69da3ab11dd09027195fd431c4b09

Exploit Kits: Infiltrating the Ad Industry with Traditional Tactics

August 11, 2016 Added by:Karl Sigler

Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

PayPal Fixes CSRF Bug in PayPal.me Website

August 01, 2016 Added by:Ionut Arghire

PayPal recently resolved a cross-site request forgery (CSRF) vulnerability affecting the PayPal.me website, which could have allowed an attacker to change a user’s PayPal profile picture.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

Fighting Alert Fatigue

July 06, 2016 Added by:Mike Paquette

By augmenting their efforts with behavioral analytics and machine learning, teams can be sure they reduce alert noise and fatigue while quickly identifying and addressing the issues that actually matter before they hurt their customers or the bottom line.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Steam Patches Crypto Code to Prevent Padding Oracle Attacks

May 03, 2016 Added by:Ionut Arghire

Steam recently patched security vulnerabilities in its system to prevent attackers from tapping into the data transmitted between a local client and the Steam network to view plain-text passwords or take over accounts.

Comments  (0)

05a24d7e4020553c4a923a0d8126d8c9

Reducing the Attack Surface is a Fool’s Errand

April 01, 2016 Added by:Paul Morville

This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.

Comments  (0)

F08d1219500edcf01d8b56ee28634437

March Madness Security Threats Can Drive Any Organization Mad!

March 14, 2016 Added by:Mark Parker

Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.

Comments  (0)

C492d23f3758cf5cdee0b35b74cc36f1

Web Application Firewall: a Must-Have Security Control or an Outdated Technology?

March 09, 2016 Added by:Ilia Kolochenko

Being insufficient to properly mitigate complicated security flaws in modern web applications, a Web Application Firewall still remains a necessary security control within organizations. 

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Bringing Innovation into Cyberdefense Technologies

February 22, 2016 Added by:Larry Karisny

When I spoke on the need for cybersecurity innovation at the January ITEXPO conference in Fort Lauderdale, Fla., I sensed something interesting about my cybersecurity colleagues: They don't seem to care about innovation; they care about having a job in cybersecurity.

Comments  (0)

1fec6881fe864bc30369edb548ea22b1

Yes. The World Needs More Security Predictions

February 17, 2016 Added by:Dan Lohrmann

With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Top Five Enterprise Data Privacy Mistakes

January 28, 2016 Added by:InfosecIsland News

The European General Data Protection Regulation is a new privacy regulation with fines as high as four percent of annual global revenue for companies that fail to safeguard data of EU citizens and residents. In the U.S. 16 states recently introduced new, ACLU supported data privacy legislation. In spite of efforts to improve privacy protections many enterprises are not doing enough to protect cons...

Comments  (0)

1fec6881fe864bc30369edb548ea22b1

What Do Star Wars and Recent Data Breaches Teach Us About Cyber Ethics?

December 21, 2015 Added by:Dan Lohrmann

Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »