Shortage of infosec pros equals frequent and costly data breaches
(ISC)2 released the results of its sixth Global Information Security Workforce Study (GISWS). The study of more than 12,000 information security professionals worldwide (3,229 …
Enterprise account manager with double safekeeping feature
Double safekeeping, or the two-man rule, has long been an established control mechanism for ensuring high levels of security during critical operations because the process …
Qualys executives and researchers at RSA Conference 2013
Here’s a complete list of what Qualys executives and researchers will present during RSA Conference 2013, taking place this week in San Francisco. The Hyperconnected …
Pwn Pad: A tablet for penetration testers
At the RSA Conference 2013 in San Francisco, Pwnie Express released the Pwn Pad, a tablet loaded with wired and wireless pentesting tools. The Pwn Pad contains bleeding edge …
A framework for building privacy-oriented apps
At the RSA Conference 2013 in San Francisco, SpiderOak announced it is launching privacy into the mainstream with the unveiling of Crypton, a “zero-knowledge” …
Week in review: Facebook, Apple hacks, APT1, and mobile phishing
Here’s an overview of some of last week’s most interesting news, reviews and articles: Facebook employees ambushed by zero-day exploit Facebook has admitted that …
Mobile phishing geared towards online banking users
When it comes to deploying phishing sites designed to trick mobile users, the great majority of cyber criminals opts for targeting those who engage in e-banking and e-commerce …
OAuth flaw allowed researcher full access to any Facebook account
A flaw in Facebook’s OAuth system that allows the communication between applications and users has enabled web application security specialist Nir Goldshlager to gain …
Zendesk hack endangers Tumblr, Twitter and Pinterest users
Popular customer service software provider Zendesk has announced that they have been hacked. “We’ve become aware that a hacker accessed our system this week. As …
Mandiant APT1 report used as a lure in phishing campaigns
Mandiant is warning that two malicious versions of their recently released APT1 report have been detected being used as lures in two distinct email phishing campaigns. The …
Real world social engineering challenge at HITBSECCONF2013
Global IT services provider Sogeti will launch their social engineering challenge during the Hack In The Box Amsterdam conference in April. The challenge will be to social …
Hidden security threats on enterprise networks
Check Point uncovered the major security risks and threats that impact organizations worldwide. Their new report examines the leading security threats, the risky web …
Featured news
Resources
Don't miss
- What types of compliance should your password manager support?
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email