Expert analysis
Investigating the security of the Firefox OS
Firefox OS is Mozilla’s foray into the mobile operating system field and promises a more adaptive mobile OS. But as mobile threats, in particular in the Android …
Latest IE 0-day insight: Background, severity and solutions
This recently discovered Internet Explorer zero day vulnerability is bad. Users and administrators should take immediate action to mitigate the risk. Considering the timing, I …
What CISOs must learn from Bitcoin and a research team at Georgia Tech
It has been an eventful time in the mobile world with two recent breaking stories revealing vulnerabilities in the security infrastructure for Android and iOS respectively. …
Why the iPhone fingerprint reader is a good idea
Two new iPhones have been announced. According to Apple’s presentation, the most common way to secure a device is with a passcode and about half of smartphone users do …
Is BEAST still a threat?
Yesterday I changed the SSL Labs rating criteria to stop penalizing sites that do not implement server-side mitigations for the BEAST attack. That means that we now consider …
New gTLD security implications
The new gTLDs that are being implemented have a few security concerns already. One of the major concerns is Name Collision, which results from a single domain name being used …
Understanding and defending against Denial of Service attacks
Denial of Service (DoS) attacks continue to be on the rise, which is no surprise given our ever-growing dependency on Web-based services, coupled with the fact that these …
Smart building security: Threats, tips and tricks
Martin Lee is the Technical Lead, Threat Intelligence at Cisco. In this interview he discusses the critical security threats to smart buildings, the features of a robust and …
There are no winners in the blame game
Every time a major security breach makes the headlines, a common reaction happens. Even before the details of the breach are known, the infosec world gets into a frenzy of …
The erosion of privacy in the digital world
Yves Le Roux is the Technology Strategist at CA Technologies and Chair of ISACA’s Data Privacy Task Force. In this interview he discusses the evolution of the digital …
Lucrative business: cybercrime-as-a-service
With news of the struggling high street becoming a regular occurrence, it is not surprising that increasingly small businesses are seeking opportunities online. However …
Securing the modern web: Open sourcing the future of IAM
Every CIO needs a reliable identity and access management (IAM) system for protecting employee, customer, and partner data – and for years, they have relied on …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)