Peruse the agenda for the Black Hat security conference that's being held this week in Las Vegas and you'll get a peek at some of the major cybersecurity challenges ahead - and potential solutions.
Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?
Characterizing the state of employment among American information security practitioners, executive recruiter Joyce Brocaglia says, "We are experiencing negative unemployment in the field of information security."
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
As Keith Alexander tells it, when he led the National Security Agency, he didn't exist. Alexander discovered that 'fact' after he retired on May 21 as director of the NSA and commander of the Cyber Command and began shopping to buy a new home.
We've been talking about shifting away from legacy mag-stripe technology and a move toward EMV chip cards for the last decade in the U.S. So is it too late, or is there still hope for EMV?
Security executives who attended ISMG's Fraud Summit Chicago said they see a growing need for sharing more cyber-intelligence with community banks and credit unions. But how else could smaller institutions improve their fraud-fighting efforts?
Security experts say a newly reported flaw in open-source authorization services, which has been named Covert Redirect, doesn't appear to pose as big a risk as the Heartbleed bug.
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.