Best-of-breed security products still dominate — kind of
The history of security purchasing centers around best-of-breed products. With each requirement, security professionals would research products, review third-party tests, bring in products for internal testing, and buy those that exhibited a superior ability to prevent, detect, or respond...
Digital identity, the blockchain and the GDPR: A round peg in a square hole?
Sometimes in the tech industry you have to work with opposing needs or even contradictions. Often, we find ourselves in a situation of balancing human nature versus security or legal versus technology. An example of the former is in...
BrandPost: As Cyber Threats Grow, Cyber Vigilance is Mandatory
In 1809, author Thomas Charlton penned the famous phrase that has been subsequently attributed to a wide variety of people, writing, “the price of liberty is eternal vigilance.” While he certainly could not have foreseen our day, that idea...
IDG Contributor Network: Small Business Saturday means it’s time for an annual cyber refresh
As we approach Small Business Saturday, it’s a good time of year for small and mid-sized businesses to refresh their thinking around data security and incident response planning. In the same way that we are taught to change the...
What is the cyber kill chain? Why it’s not always the right approach to cyber attacks
As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent intrusions. Attackers are evolving their methods, which might require that you look at the...
GDPR, I choose you! How the Pokémon Company embraces security and privacy by design
Pokémon is one of the biggest brands in the world. The colorful pocket monsters span dozens of computer games, cartoons, films, trading cards, books, toys and anything else you care to imagine.To read this article in full, please click...
How to use PowerShell to scan for Windows 10 security updates
With Windows 10, you can no longer do a quick-and-dirty scan for updates from the GUI without triggering the detection and installation of those updates. The same holds true for Server 2016 or Server 2019. The ability to scan...
Microsoft covertly collects personal data from enterprise Office ProPlus users
Privacy Company released the results of a data protection impact assessment showing privacy risks in the enterprise version of Microsoft Office.Regarding the “large scale and covert collection of personal data” of Microsoft Office ProPlus (Office 2016 MSI and Office...
IDG Contributor Network: The end of security as we know it
If you listen very carefully, the age of information security as we know it ended recently, not with a bang, but with a whimper. While that may be something of an overstatement, a recent event put us on the...
How to set up a successful digital forensics program
IT and security managers have found themselves needing to better understand the world of digital forensics, defined as the ability to track down the source of a network intrusion, an exploit such as ransomware, or some other incident where...
How to reach that person who will click on anything
Anyone can be phished with the right targeted spear-phishing campaign, but we all know that person in our organization who will click on any phishing email no matter how fake it appears to everyone else. How do you reach...
Possible BGP hijacking takes Google down
Google might not be immune to border gate protocol (BGP) hijacking and leaks.On Monday, Google services went down for over an hour as internet traffic for some G Suite and Google search users was rerouted to Nigeria, China, and Russia. Internet...
HP Offering $330 off Pavilion 15z 15.6″ Touchscreen Laptop Right Now ($370)
You don't have to wait for Black Friday. Deals have started to drop early, but you have to know where to look. HP has activated a whopping $330 discount on its Pavilion 15z 15.6" Touchscreen Laptop, which puts it at...
Review: Protecting multi-cloud environments with Threat Stack
With a large number of organizations moving their data and applications to the cloud, there is an acute need for a platform designed to natively detect malicious activity occurring there without hindering the underlying network or the business functions...
Cylance researchers discover powerful new nation-state APT
When a Belgian locksmith attacked the Pakistani Air Force, researchers at Cylance sat up and took notice. The locksmith probably never knew his website had been taken over by a nation-state hacking group as a command-and-control server, nor that...
Cyber criminals abuse US Postal Service Informed Delivery for ID theft
The U.S. Secret Service issued an internal alert to law enforcement partners about identity thieves abusing the U.S. Postal Service’s Informed Delivery, a service that allows you to digitally preview your mail and manage package delivery. ID thieves have...
BrandPost: Fill Your Cybersecurity Skills Gap with Veterans
One of the most pressing concerns facing organizations today is the widening cybersecurity skills gap. According to recent estimates, there will be as many as 3.5 million unfilled positions in the industry by 2021. One often overlooked pipeline that may help...
IDG Contributor Network: Taking a moment to appreciate how far we’ve come
Today’s digital security environment offers no shortage of opportunity for industry observers to fret about our collective shortcomings: our enterprises still are plagued by too many security vulnerabilities, too few skilled practitioners and, in many cases, lack a true...
The state of ICS and IIoT security in 2019
40 percent of industrial sites have at least one direct connection to the public internetImage by Getty ImagesAir gaps for critical systems remain an effective way to reduce the chance of attack. No connection to the web means threat...
Best Android antivirus? The top 13 tools
The following are the 13 best antivirus tools for Android, according to AV-TEST’s September 2018 evaluations of 20 Android security apps. (The AV-TEST Institute is a Germany-based independent service provider of IT security and antivirus research.) All but two...
Instagram flaw exposes user passwords
A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users.
The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users...
Julian Assange Charges, Japan’s Top Cybersecurity Official, and More Security News This Week
Safer browsing, more bitcoin scams, and the rest of the week's top security news.
SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
Plus, why is Kaspersky Lab getting into chess? Roundup What a week it has been: we had the creation of a new government agency, a meltdown flashback, and of course, Patch Tuesday.…
Is retaining a cybersecurity attorney a good idea for your business?
Cybersecurity is so complicated that businesses, large and small, are retaining legal counsel specializing in security. Learn two more steps businesses should take before a cyberattack hits.
Machine Learning Can Create Fake ‘Master Key’ Fingerprints
Researchers have refined a technique to create so-called DeepMasterPrints, fake fingerprints designed to get past security.
