Do we need regular IT security fire drills?
IT security “fire drills’, supported by executive management and the risk committee should be conducted regularly in organizations, in order to understand the …
LizardSquad’s DDoS service is powered by hacked home routers
When the Sony Playstation and Microsoft Xbox Live gaming networks went down over Christmas and were kept offline for several days afterwards, the hacker collective that calls …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Is IT security stifling innovation and collaboration?
Critical company data is at risk in the UK as a result of organizations focusing their IT security policies and resources more on external threats, such as cybercriminals and …
Week in review: Bitstamp hack, dangerous code in free apps, insider threats
Week in review: Bitstamp hack, and global defense-in-depth architectures analyzed Here’s an overview of some of last week’s most interesting news, reviews and …
Cyber intrusion lead to physical damage at German steel plant
Three weeks ago, Germany’s Federal Office for Information Security (BSI) released its traditional end-of-the-year report about the state of IT security in Germany. It …
Asus wireless router flaw opens network to local attackers
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
Pre-Patch Tuesday alerts no longer publicly available
Microsoft’s Advanced Notification Service (ANS), which for over a decade provided advanced warning about the patches and updates that the company would push out on its …
Security of data in the cloud now an executive-level concern
The Cloud Security Alliance (CSA) surveyed more than 200 IT and security professionals, and nearly 72 percent admitted that they did not know the number of shadow IT apps …
Analysis of global defense-in-depth architectures
Attackers are bypassing conventional security deployments almost at will, breaching systems in a wide swath of industries and geographies. That’s the stark conclusion of …
FBI director confident North Korea was behind Sony hack, still offers no evidence
When late last year the FBI provided an update on their investigation into the Sony Pictures Entertainment hack, they fingered the North Korean government as the instigator. …
Featured news
Resources
Don't miss
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
- GitPhish: Open-source GitHub device code flow security assessment tool
- Healthcare CISOs must secure more than what’s regulated