Help Net Security
Password pattern analysis: Risky, lazy passwords the norm
Dashlane announced the findings of an analysis of over 61 million passwords. The analysis was conducted with research provided by Dr. Gang Wang, an Assistant Professor in the …
Pressures impacting security pros are up, threats are turning up the heat
Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers …
It’s time to embrace GDPR
The noise around the General Data Protection Regulation (GDPR) has been unavoidable, and for good reason. GDPR is coming into effect in a few short days (May 25 to be exact). …
Verifying data processing for privacy and GDPR
GDPR has been a topic of conversation in the security risk and management world since the regulatory action was proposed in 2012. Recent events have led to a greater interest …
High-level vulnerabilities discovered in 84% of Android shopping apps
More than 84% of the shopping apps have three or more high-level security vulnerabilities, according to a security assessment by Appknox and Seworks. A total of 274 …
America’s most cyber insecure cities exposed
Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cities. “While big companies may have the budgets, personnel and …
Fighting ransomware with network segmentation as a path to resiliency
Recent cybersecurity events involving the use of ransomware (WannaCry and similar variants) represent the latest examples highlighting the need for organizations to not only …
The operations and economics of organized criminal email groups
Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far …
The ethical and legal dilemmas of threat researchers
Threat intelligence is mainstreaming into a de-facto everyday tool of cyber-defense. But all that intelligence must be collected, analyzed, and prepared by someone. Enter …
Are you ready for the GDPR deadline?
The General Data Protection Regulation (GDPR) compliance deadline looms four days away, but only 29 percent of companies will be ready, according to a new global survey by …
Don’t let attackers worm their way in: Increase password security
Passwords are inherently the weakest form of authentication, yet they remain the most prevalent. Many organizations realize that moving beyond this single point of …
PCI Security Standards Council publishes PCI DSS 3.2.1
PCI DSS version 3.2.1 replaces version 3.2 to account for effective dates and SSL/early TLS migration deadlines that have passed. No new requirements are added in PCI DSS …