Stories by Antone Gonsalves

Major security flaws threaten satellite communications

By Antone Gonsalves | 19 April, 2014 08:21

An analysis of satellite communication gear from more than a half-dozen major manufacturers has uncovered critical vulnerabilities that could be exploited to disrupt military operations and ship and aircraft communications.

DDoS Attackers Change Techniques To Wallop Sites

By Antone Gonsalves | 18 April, 2014 10:08

Criminals behind distributed denial of service attacks are relying less on traditional botnets and more on techniques capable of launching larger assaults on websites.

Small businesses could benefit from wireless industry 'kill switch' plans

By Antone Gonsalves | 17 April, 2014 11:16

The kill switch application wireless carriers and device manufacturers plan to make available next year for new smartphones could benefit small businesses on a tight budget, an expert says.

Think tank challenges Heartbleed handwringing

By Antone Gonsalves | 16 April, 2014 22:45

A think tank opinion piece that claims the threat from the Heartbleed bug is overblown has sparked a debate among researchers over the seriousness of the OpenSSL flaw.

FTC warning unlikely to stop Facebook from changing WhatsApp privacy policies

By Antone Gonsalves | 15 April, 2014 22:31

Despite pressure from the Federal Trade Commission, Facebook is unlikely to leave WhatsApp's stricter privacy policies intact, once government regulators approve the $19 billion acquisition, privacy experts say.

Here are the options with Heartbleed-flawed networking gear (Hint: there aren't many)

By Antone Gonsalves | 12 April, 2014 07:24

Companies faced with the threat posed by networking equipment that contains the notorious Heartbleed bug have few security options beyond working closely with affected vendors, most notably Cisco Systems and Juniper Networks.

Hackers prepping for OpenSSL Heartbleed attacks

By Antone Gonsalves | 11 April, 2014 11:00 | 1 Comment

While security pros hustle to patch Web sites affected by the widespread OpenSSL flaw nicknamed Heartbleed, there are indications that cybercriminals are hoping to beat them to the punch.

How to defend against the OpenSSL Heartbleed flaw

By Antone Gonsalves | 10 April, 2014 22:41

CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.

Symantec to CISOs: Watch for the 'mega-breach'

By Antone Gonsalves | 10 April, 2014 00:09

Symantec has declared 2013 the year of the "mega-breach," placing security pros on notice that they stand to lose big from phishing, spear-phishing and watering-hole attacks.

Symantec to CISOs: Watch for the 'mega-breach'

By Antone Gonsalves | 09 April, 2014 22:41

Symantec has declared 2013 the year of the "mega-breach," placing security pros on notice that they stand to lose big from phishing, spear-phishing and watering-hole attacks.

Microsoft tightens restrictions on adware on Windows PCs

By Antone Gonsalves | 08 April, 2014 22:48

Starting July 1, developers of adware for Windows will have to contend with new Microsoft-imposed rules aimed at making it easier for people to stop bothersome ads.

Businesses face rising political pressure from data breaches

By Antone Gonsalves | 05 April, 2014 09:25

The data breaches like the one at Target and more recently a unit of credit bureau Experian are fueling consumer protection efforts that could have an impact on business.

Zeus malware found with valid digital certificate

By Antone Gonsalves | 04 April, 2014 11:41

A recently discovered variant of the Zeus banking Trojan was found to use a legitimate digital signature to avoid detection from Web browsers and anti-virus systems.

New Windows Phone security necessary, but not groundbreaking

By Antone Gonsalves | 04 April, 2014 00:50

Microsoft, which is far behind Apple and Google in the smartphone market, has introduced a number of security features in Windows Phone that are not groundbreaking, but necessary to attract businesses.

IE easily beats Chrome, Firefox, Safari in malware detection

By Antone Gonsalves | 03 April, 2014 06:18

Microsoft's combination of application reputation technology and URL filtering gave Internet Explorer a malware block rate that blew pass Google Chrome, Mozilla Firefox and Apple Safari.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Trend Micro Mobile Security

Comprehensive enterprise protection for mobile devices

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.