Exchanging threat intelligence becoming essential
A new Ponemon Institute survey included more than 700 IT and IT security pros, across businesses and government agencies with an average of 12,000 employees, who answered more …
Dissecting the unpredictable DDoS landscape
DDoS attacks are now more unpredictable and damaging than ever, crippling websites, shutting down operations, and costing millions of dollars in downtime, customer support and …
Nine patterns make up 92 percent of security incidents
Verizon security researchers have found that 92 percent of the 100,000 security incidents analyzed over the past ten years can be traced to nine basic attack patterns that …
Rapid7 announces security certifications for Metasploit and Nexpose
Rapid7 is launching certification programs for Nexpose administrators and Metasploit Pro specialists. “Certification enables security professionals to ensure that they …
Heartbleed attacker hijacked VPN active user sessions
As the number of the most popular websites that still haven’t patched their servers against the Heartbleed exploit continues to diminish (go here for an up-to-date list …
OpenBSD team forks OpenSSL to create safer SSL/TLS library
For all the talk about how something should be done to fix OpenSSL so that a Heartbleed situation is never again repeated, there has been little to no concrete action so far. …
Supposedly patched router backdoor was simply hidden
When security systems’ engineer and researcher Eloi Vanderbeken discovered the existence of a backdoor in his own Linksys router last Christmas, he spurred other hackers …
How can we create a culture of secure behavior?
It’s a busy day in your company and everyone is rushing around trying to respond to requests. Audrey gets an email that looks like it’s from a partner asking her …
Insights from attack trends in the cloud
Drawing on data obtained from a customer base of 2,200, Alert Logic found a significant increase in activity across cloud and hosting environments compared to last …
Free Heartbleed scanner for Chrome and Android
To help Internet users protect themselves from the Heartbleed bug that is eroding SSL security features on websites worldwide, Trend Micro released two free Heartbleed …
CyberRX: Healthcare industry’s first cyber attack simulation
HITRUST, in coordination with the U.S. Department of Health and Human Services (DHHS), revealed the results of the healthcare industry’s first cyber attack simulation, …
Week in review: SATCOM (in)security, Heartbleed fallout, and the security of programming languages
Here’s an overview of some of last week’s most interesting news and articles: Appeals court overturns AT&T hacker’s sentence Andrew “weev” …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade