Fixing the broken windows of software security
Last month I discussed how we can fix software security issues only by making sure we use libraries and frameworks that don’t allow classes of vulnerability to exist. Of …
Automation is the key to successful policy implementation
Organizations today are facing increased pressure to collect and store massive amounts of data. Regulatory guidelines, storage costs, and the promise of Big Data have …
Explaining infosec magic to kids
Magic! It’s the basis for countless children’s stories filled with adventure and excitement. It’s also how many kids think cyberspace works. There’s …
Targeted attack protection via network topology alteration
When it comes to targeted attacks, attackers are not omniscient. They need to gather information in the early stages to know the target they may gather information from …
How security-wary retailers can prepare for the holiday season
Retailers are beside themselves with worry as the spate of data breaches among them continues. With Black Friday approaching, what can retailers still do to protect themselves …
Tips for mitigating the financial impact of identity theft
With a number of large retailers and banks reporting massive data security breaches in the last year, leaving hundreds of millions of consumers’ personal information …
Lessons learned developing Lynis, an open source security auditing tool
If you’ve been involved with information security for more than a decade, you’ve probably heard of Rootkit Hunter or rkhunter, a software whose primary goal is to …
Infographic: How to spot a phish
Since many cyber attacks originate with a phishing email, the best way for organizations and individuals to protect themselves online is to identify and avoid phishing emails. …
Infographic: 4 authentication definitions you should know
This infographic by Wave Systems addresses current authentication problems and illustrates how to ensure that only known users access corporate resources, devices and …
Identifying deceptive behavior in user-generated content
In this interview, JT Buser, Manager of Authenticity and Fraud at Bazaarvoice, talks about challenges involved in identifying deceptive behavior in user-generated content as …
Seven Destiny video game tactics that translate to cyber security
Why learn by grinding through dry security best practices when you can make education unique by mixing in a little geeky fun? In the third installment of my security pop …
Android browser SOP bypass bug: Who’s affected, and what to do?
A security researcher has recently discovered not just one but two vulnerabilities in the Android Open Source Project (AOSP) browser that could allow attackers to bypass the …