April 22, 2014 Added by:Anthony M. Freed
NIST has officially announced the decision to remove the cryptographic algorithm from its revised guidance on random number generators
April 21, 2014 Added by:Patrick Oliver Graf
If your provider is not hurrying to patch the hole in their OpenSSL implementation and/or taking steps to better implement a defense in depth framework, you may be justified in hitting the panic button.
April 16, 2014 Added by:David Navetta
Overall, in most cases, the Heartbleed vulnerability and associated security and legal risk is manageable as long as organizations take swift action to remediate their risk.
April 16, 2014 Added by:Tripwire Inc
One of the basic security measures that every company should be taking is giving security awareness training to its employees.
April 16, 2014 Added by:Rebecca Herold
The OpenSSL Heartbleed vulnerability has resurrected the age-old debate of whether or not open source code is more or less secure than proprietary code.
April 15, 2014 Added by:Tripwire Inc
One common theme across the information organizations that I work with is that everyone wants to do the right thing. Unfortunately, that often means onerous and complicated security policies that translate into awkward steps that users must take.
April 10, 2014 Added by:Dan Dieterle
The Internet is plastered with news about the OpenSSL heartbeat “Heartbleed” (CVE-2014-0160) vulnerability that some say affects up to 2/3 of the Internet.
April 09, 2014 Added by:Scott Montgomery
Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.
April 07, 2014 Added by:Dan Dieterle
“Spear phishing fraud” has been used by hackers impersonating federal entities to create fraudulent orders for large amounts of PC supplies including toners, ink cartridges and even laptops.
April 03, 2014 Added by:Electronic Frontier Foundation
We were thrilled to hear today that Yahoo is carrying through a concerted effort to protect users across its sites and services by rolling out routine encryption in several parts of its infrastructure
April 01, 2014 Added by:Tal Be'ery
One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...
Today's Mobile Device Data Protection Must G... Mic Micac on 09-02-2014
Join the Security Intelligence Network on Li... Mic Micac on 09-02-2014
What PCI Requirements Apply to Us: Tacking a... Mic Micac on 09-02-2014