In recent months, Cloud Access Security Broker solutions have emerged as a defacto, mandatory control. Which is better approach to CASB - proxy or API? Rohit Gupta of Palerra shares his insight and recommendations.
A report that the Russian government hacked into Democratic National Committee systems has security experts warning that just because malware was found on a hacked network, that doesn't mean a specific individual, group or nation-state was involved.
Adobe Flash security alert redux: All enterprises should immediately update - or delete - all instances of Flash Player, following reports that a zero-day flaw in the Web browser plug-in is being targeted by the new "ScarCruft" APT group.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
The annual Infosec Europe conference in London included a number of information security highs and lows, from hackers in hoodies and Guy Fawkes masks to free ice cream and Mikko Hypponen revealing that he too has been pwned.
A hacker nicknamed Guccifer 2.0 claims to be the lone attacker who breached the Democratic National Committee's systems. The claim contradicts Crowdstrike's conclusion that two Russian state-sponsored groups were involved.
A massive scan of open internet ports confirms long-held assumptions that old, insecure internet protocols never die, and in fact may still thrive, especially in Belgium, says Rapid 7 security research manager Tod Beardsley.
Apple is building "differential privacy" into iOS 10 to try and block attempts to identify or track individual users based on their behavior, keyword searches or other activities. But will the functionality perform as advertised?
In an interview, Doug Johnson of the American Bankers Association explains why the ABA rejects the Retail Industry Leaders Association's contention that a legislative proposal to hold retailers to the same cybersecurity standards as banks is unfair.
IBM is deploying its Watson supercomputer to help organizations answer this essential question: In the face of nonstop security events, potential intrusions and patches, what's the next, best action that an organization's security analyst should take?
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.
My initial reaction to Microsoft's announcement that it plans to buy LinkedIn for $26.2 billion in cash: I guess its massive 2012 data breach - and the loss of virtually every user's credentials - didn't hobble the company's long-term prospects.