Expert analysis
Passwords are not treated as critical to security
Considering the cyber world we live in, it’s time to ask whether passwords can still be considered a reliable security component – and if so, how should they be used? Look no …
How to apply threat intelligence feeds to remediate threats
IT organizations are recognizing the value of threat intelligence feeds, and that’s good. Threat intelligence is a must-have for identifying malware and other threats that …
Reflections on virtualization security and the VENOM vulnerability
Virtualization is undoubtedly a great IT tool that enables organizations to quickly run new instances of servers and workstations, helps isolate environments, and allows for a …
The NYSE system crash was an infosec incident
On Wednesday, July 8, a number of information systems suffered “glitches,” causing speculation that the US may be under a coordinated cyber attack. In the morning, United …
The arsenal of SMS scammers, spammers and fraudsters
Illicit commercial activity online has manifested into all things mobile. With revenue in the billions from mobile marketing, criminals are doing their best to harness the …
A comparative view of cloud-based DDoS protection services
Six months ago we experienced a 30Gb/sec and 60M PPS attack that was targeting over 1000 IPs on our network. Although we eventually stopped the attack with the aid of our …
Understanding PCI compliance fines: Who is in charge of enforcing PCI?
If your business stores, processes, or transmits data from payment cards, then you are subject to the requirements of the PCI DSS. This set of security controls is designed to …
Unsharing in the sharing economy
It’s been a big year for the sharing economy. Numerous consumer services have skyrocketed to popularity by basing their business on the sharing of resources. Companies like …
The difficult task of meeting compliance needs
Compliance is a complex issue in many industries and organizations know all too well that there are major fines and potential punishments for not meeting the laws and …
3 ways to stop insider threats in your organization
No one wants their organization to be the next poster child for a major informational breach. No one wants their company to make headlines for having their data compromised or …
Mobile SSL failures: More common than they should be
Securing your mobile application traffic is apparently more difficult than it should be, as researchers Anthony Trummer and Tushar Dalvi discovered when looking into SSL/TLS …
Why is ERP security so difficult?
ERP (Enterprise Resource Planning) security has been all over the news lately. From high profile breaches, like the recent U.S. Office of Personnel Management breach, to …
Featured news
Resources
Don't miss
- August 2025 Patch Tuesday forecast: Try, try again
- Third-party partners or ticking time bombs?
- What GPT‑5 means for IT teams, devs, and the future of AI at work
- Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
- SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls