Corporate Partners

Top IT Security Bloggers

  • New Mobile OS Versions Improve Security

    TrendLabs - Malware Blog
    The competition between mobile OSes is heating up, with Apple’s iOS 8 and Google’s Android Lollipop in tight competition, as the public discovers their features and what these OSs can do for them. There are notable changes and significant improvements in these releases, particularly in their default settings. Encryption by default seems to be the primary […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew Mobile OS Versions Improve Security
  • New Mobile OS Versions Improve Security

    Trend Micro - Security Intelligence
    The competition between mobile OSes is heating up, with Apple’s iOS 8 and Google’s Android Lollipop in tight competition, as the public discovers their features and what these OSs can do for them. There are notable changes and significant improvements in these releases, particularly in their default settings. Encryption by default seems to be the primary […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew Mobile OS Versions Improve Security
  • ‘Spam Nation’ Publisher Discloses Card Breach

    Krebs on Security
    In the interests of full disclosure: Sourcebooks, the company that on Nov. 18 is publishing my upcoming book about organized cybercrime, disclosed last week that a breach of its Web site shopping cart software may have exposed customer credit card and personal information.

    Fortunately, this breach does not affect readers who have pre-ordered Spam Nation through the retailers I've been recommending -- Amazon, Barnes & Noble, and Politics & Prose. I mention this breach mainly to get out in front of it, and because of the irony and timing of this unfortunate incident.
  • Enterprises Establish a 'Cybersecurity Cavalry'

    Network World - Networking Nuggets and Security Snippets
    In the past, enterprise cybersecurity responsibilities were tilted toward oversight rather than hands-on operations and technology procurement. Security analysts were counted on for incident detection and response, but aside from this function CISOs helped organizations develop and enforce the right policies. Meanwhile, functional IT groups selected, deployed, and operated security products. 
    Take network security for example. A few years ago, there was a pretty common division of labor – security professionals defined requirements and the networking team purchased and operated network security technologies like firewalls, proxy servers, and IDS/IPS. To read this article in full or to leave a comment, please click here
  • Google goes beyond two-step verification with new USB Security Key

    Sophos - Naked Security
    Google's adding support for a physical USB second factor that will first verify the login site as being a true Google website, not a fake site pretending to be Google, before it hands over a cryptographic signature.
  • WYSIWYG editors could be an avenue for XSS attacks, warns researcher

    Graham Cluley
    Online WYSIWYG editors allowing rich content could be making it easier for attackers to launch cross-site scripting (XSS) attacks.

    Read more in my article on the Tripwire State of Security blog.
  • SSCC 170 - Is the best time to shop at a store right after it has a breach? [PODCAST]

    Sophos - Naked Security
    Here's the latest episode of our weekly security podcast.

    Join Sophos experts Chester Wisniewski, John Shier and Paul Ducklin as they turn news into advice...
  • Hackers exploit Windows zero-day flaw in targeted PowerPoint attacks

    Graham Cluley
    Be on your guard. Another zero-day vulnerability has been uncovered that affects almost all supported versions of Windows, and it is being actively exploited by hackers in targeted attacks.

    Read more in my article on the Optimal Security blog.
  • New CVE-2014-4114 Attacks Seen One Week After Fix

    Trend Micro - Security Intelligence
    Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection. A New Evasion Technique In our analysis of the vulnerability, we noted this detail: “…[T]he vulnerability exists in PACKAGER.DLL, which is a part of […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew CVE-2014-4114 Attacks Seen One Week After Fix
  • New CVE-2014-4114 Attacks Seen One Week After Fix

    TrendLabs - Malware Blog
    Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection. A New Evasion Technique In our analysis of the vulnerability, we noted this detail: “…[T]he vulnerability exists in PACKAGER.DLL, which is a part of […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNew CVE-2014-4114 Attacks Seen One Week After Fix

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Blog Posts

Media Release

More media release

Market Place