security awareness
5 tips for security behavior management programs
Security awareness has long been a point of frustration for information security professionals. While many organizations conduct awareness training of some kind, they have …
Heartbleed still a critical threat
Cyber attackers have been quick to exploit the Hearbleed OpenSSL bug, to the tune of hundreds of thousand attacks per day in the week after the public revelation of its …
Coder tries shaming apps and site owners into using HTTPS
How can we force website owners and software developers to start using HTTPS? Coder Tony Webster believes shaming might be the right answer. To that point, he created a …
Five steps to take to protect your passwords
A report issued this week claimed that a Russian cybercrime group stole 1.2 billion usernames and passwords from 420,000 websites. While some security experts question the …
CrowdStrike launches Intelligence Exchange Program
At Black Hat, CrowdStrike announced the launch of the CrowdStrike Intelligence Exchange Program (CSIX). The exchange enables vendor partners to access and share threat …
DDoS attack volumes plummet as NTP servers got patched
Wise to attackers’ exploitation of the Network Time Protocol (NTP) vulnerability to create distributed reflection denial of service (DrDoS) attacks, information security …
New game sharpens secure coding skills
Today at Black Hat, Checkmarx launched Game of Hacks, a challenging game for software developers and security professionals to test their application hacking skills, improve …
IT security training: Be proactive
Security is a fast paced industry. You only need to use the Internet for a short time to understand how and why the activities of digital criminals pose a real and significant …
Why security awareness matters
In this interview, Paulo Pagliusi, CEO at MPSafe Cybersecurity Awareness, talks about the value of security awareness and how it influences the overall security posture of an …
Introducing the Security Culture Summer School
The infosec community has complained about awareness training failures and wasting time and effort on awareness trainings for quite some time. A consensus has emerged that for …
IT sec pros surprisingly cavalier about mobile security best practices
A flash poll conducted at Infosecurity Europe 2014 by Centrify Corporation has found that 94 per cent of IT security professionals use third party applications on their mobile …
IoT security requirements will reshape enterprise IT security programs
The power of objects in the Internet of Things (IoT) to change the state of environments — in addition to generating information — will cause chief information security …