
Top IT Security Bloggers

  • Did Facebook's emotion experiment break the law? ICO probes

    Sophos - Naked Security
    Did Facebook's emotional manipulation study break data protection laws? The UK's Information Commissioner's Office is to investigate the experiment, which caused outrage after it manipulated the feeds of close to 700,000 users to determine how they reacted to positive or negative news.
  • Brazilian ‘Boleto’ Bandits Bilk Billions

    Krebs on Security
    With the eyes of the world trained on Brazil for the 2014 FIFA World Cup, it seems a fitting time to spotlight a growing form of computer fraud that's giving Brazilian banks and consumers a run for their money. Today's post looks at new research into a mostly small-time cybercrime practice that in the aggregate appears to have netted thieves the equivalent of billions of dollars over the past two years.
  • Anatomy of a buffer overflow - Google's "KeyStore" security module for Android

    Sophos - Naked Security
    Here's a cautionary tale about a bug, courtesy of IBM.

    Not that IBM had the bug, just to be clear: Google had the bug, and IBM researchers spotted it.
  • Supreme Court refuses to drag Google out of its Street View privacy wreckage

    Sophos - Naked Security
    Google's planning to slurp up ever more data, from wearables, fitness apps and more. It sure would be nice for Google if the Street View fiasco would fade away and stop reminding people of how they snooped on data and then lied about it, but the Supreme Court isn't disposed to helping it out on this one.
  • Ex-boyfriend avoids jail for posting offensive update on woman's Facebook account

    Sophos - Naked Security
    The case - one which involves prosecution over damage to a social media account - is reportedly unprecedented. The guilty party was facing a maximum of 10 years in prison and a €10,000 fine, with a judge who had no precedents to go on when it came time for sentencing.
  • Rig Exploit Kit Used in Recent Website Compromise

    Symantec Security Response Blogs
    Summary: Attackers planted code in a popular Web portal to redirect users to an exploit kit.

    Contributor: Karthikeyan Kasiviswanathan
  • DOWNAD Tops Malware Spam Source in Q2 2014

    Trend Micro - Security Intelligence
    DOWNAD, also known as Conficker, remains one of the top 3 malware that affect enterprises and small and medium businesses. This is attributed to the fact that a number of companies are still using Windows XP, which is susceptible to this threat. It can infect an entire network via a malicious URL, spam email, and […]
  • Where to watch for the latest in Enterprise Security

    HP Following the Wh1t3 Rabbit - Practical Enterprise Security
    “Following the Wh1t3 Rabbit” has been an excellent blog, offering thought leadership and insights for the C-Suite, yet will be closing July 4, 2014. HP will continue to share the latest on cyberdefense, consumerisation, collaboration and enterprise security on the Enterprise Security Trends Blog.
  • Big data security analytics mantra: Collect and analyze everything

    Network World - Networking Nuggets and Security Snippets
    In a recent research survey, ESG asked security professionals to identify the most important type of data for use in malware detection and analysis (note: I am an employee of ESG). The responses were as follows:
    42% of security professionals said, “Firewall logs”
    28% of security professionals said, “IDS/IPS alerts”
    27% of security professionals said, “PC/laptop forensic data”
    23% of security professionals said, “IP packet capture”
    22% of security professionals said, “Server logs”

    I understand this hierarchy from a historical perspective, but I contend that this list is no longer appropriate for several reasons. First of all, it is skewed toward the network perimeter, which no longer makes sense in a mobile device/mobile user world. Second, it appears rooted in SIEM technology, which was OK a few years ago, but we no longer want security technologies mandating what types of data we can and cannot collect and analyze.
