Top IT Security Bloggers

  • Cloud security: A mismatch for existing security processes and technology

    Network World - Networking Nuggets and Security Snippets
    To use a long-forgotten metaphor, cloud deployment is moving forward at internet speed at many enterprise organizations. According to ESG research, 57 percent of enterprise organizations use public and private cloud infrastructure to support product applications/workloads today, and an overwhelming majority of organizations will move an increasing number of applications/workloads to cloud infrastructure over the next 24 months (note: I am an ESG employee).Now, no one would argue the fact that cloud computing represents a different compute model, but it is really based upon the use of server virtualization for the most part. And since a VM is meant to emulate a physical server, many organizations approach cloud security by pointing traditional security processes and technologies at cloud-based workloads.To read this article in full or to leave a comment, please click here
  • Email and Web Gateway: Your First Line of Defense Against Ransomware

    Trend Micro - Cloud Security Blog
    Ransomware is fast becoming the scourge of IT departments all over the world. It has risen over the past 12-24 months from a minor nuisance to a major threat – causing business disruption and damaging the brand and reputation of countless organizations. There’s no silver bullet for stopping this new malware threat. But take the...
  • Noodles & Company Probes Breach Claims

    Krebs on Security
    Noodles & Company [NASDAQ: NDLS], a fast-casual restaurant chain with more than 400 stores in 31 U.S. states, says it has hired outside investigators to probe reports of a credit card breach at some locations.
  • Ransomware for sale on nonsensical dark web malware site

    Graham Cluley
    Goliath ransomware is now for sale on the dark web, but some of its features - not to mention those of the malware website - don't make any sense.
    David Bisson reports.
  • What are 150,000 stolen press releases worth? About 20 years in prison

    Sophos - Naked Security
    What's a press release worth? Rather a lot if you steal them before they go public and help people trade on the secrets you've uncovered...
  • Kernel Waiter Exploit from the Hacking Team Leak Still Being Used

    TrendLabs - Malware Blog
    Although the Hacking Team leak took place several months ago, the impact of this data breach—where exploit codes were made public and spurred a chain of attacks—can still be felt until today. We recently spotted malicious Android apps that appear to use an exploit found in the Hacking Team data dumps. The apps, found in certain websites, could allow remote attackers to gain root privilege when successfully exploited. Mobile devices running on Android version 4.4 (KitKat) and below, which account for nearly 57% of total Android devices, are susceptible to attacks that may abuse this flaw.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Kernel Waiter Exploit from the Hacking Team Leak Still Being Used
  • Kernel Waiter Exploit from the Hacking Team Leak Still Being Used

    Trend Micro - Security Intelligence
    Although the Hacking Team leak took place several months ago, the impact of this data breach—where exploit codes were made public and spurred a chain of attacks—can still be felt until today. We recently spotted malicious Android apps that appear to use an exploit found in the Hacking Team data dumps. The apps, found in certain websites, could allow remote attackers to gain root privilege when successfully exploited. Mobile devices running on Android version 4.4 (KitKat) and below, which account for nearly 57% of total Android devices, are susceptible to attacks that may abuse this flaw.
    Post from: Trendlabs Security Intelligence Blog - by Trend Micro
    Kernel Waiter Exploit from the Hacking Team Leak Still Being Used
  • Millions of LinkedIn passwords up for sale on the dark web

    Sophos - Naked Security
    Darn cheap, too: the whole lot was priced at about $2,200. LinkedIn has confirmed that the data is legitimate.
  • Firefox users left feeling vulnerable as judge keeps Tor hack under wraps

    Sophos - Naked Security
    Millions of users of Mozilla’s Firefox web browser may be at risk, thanks to a ruling handed out by a federal judge on Monday
  • Google's Allo fails to use end-to-end encryption by default

    Graham Cluley
    If there is one thing we have learnt over the years, it's this. Few users ever change the default settings.

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Media Release

More media release

Market Place