Articles by Sean Michael Kerner 

Security Research and the Law: What You Need to Know

Security researchers must navigate a minefield of U.S. laws and statutes, such as the Computer Fraud and Abuse Act.

How to Detect SSL Leakage in Mobile Apps

LinkedIn researchers find piles of SSL configuration flaws in mobile apps, and so can you.

DefCon: Advice on Evading Black Helicopters

You say 'paranoid,' I say 'careful.' Expert offers 'practical' advice on living the paranoid lifestyle.

Yahoo CISO Details Challenge of Security at Scale

Security vendors focus on banks not Web-scale companies, says Yahoo CISO Alex Stamos.

Backoff PoS Malware Demonstrated at Black Hat [VIDEO]

Trustwave researchers demonstrate Backoff malware, which targets POS systems, at Black Hat. Attack that has compromised 600 retailers relies on Java.

Buy All the Cybersecurity Vulnerabilities: Black Hat Keynote

Black Hat keynote speaker Dan Geer has some radical ideas to reshape modern security, including a suggestion that the United States purchase security vulnerabilities and make them public.

Using Military Strategy to Fight Cyber Battles

What does the Library of Sparta have to do with modern IT security? Military strategies are increasingly common in cybersecurity – and with good reason.

SaaS Security Risks: It's the Users, Stupid

Black Hat workshop to discuss security concerns of software-as-a-service applications. Not surprisingly, uninformed users pose some of the biggest risks.

IBM Expands Security Portfolio with CrossIdeas Acquisition

CrossIdeas technology will give IBM more capabilities to evaluate and assess risks.

New ThreatStream CEO Wants to Solve SIEM Challenge

ArcSight founder joins security vendor to fill gaps that SIEM doesn't solve.

Google Project Zero Focuses on Internet Security

Months after reporting its first vulnerabilities, Google officially acknowledges the existence of a shadowy security group known as Project Zero.

How to Reduce Use-After-Free Memory Risk

Use-after-free memory errors often crop up in software application code.

Boleto Malware Hits Brazil Payment System

New IBM Trusteer research finds new variants of malware used to exploit Brazil's Boleto payment system.

Bromium CTO Explains Promise of Secure by Design

Simon Crosby, co-founder and CTO of Bromium, details his company's progress to deliver a Byzantine Fault Tolerant security solution.

HP Atalla Tackles Encryption in the Post-Snowden Era

The need for encryption now is greater than ever.

The Link between Windows XP Users and Spam Volume

Second quarter IBM X-Force Threat Intelligence report finds an uptick in spam volume.

IBM Patents Browser-Based Fraud Detection Technology

What you do in your browser now forms a second factor of authentication for e-commerce transactions, thanks to IBM.

IBM Takes Aim at Endpoint Security with Trusteer Apex

In a world where anti-virus is no longer entirely effective, IBM launches new technology to secure endpoint devices.

How Should Enterprises Score Security? [VIDEO]

Qualys CTO Wolfgang Kandek discusses his firm's Web application firewall and security scoring efforts and hints at future security technologies to come.

[VIDEO] Where Are Database Threats Today?

Amichai Shulman, CTO of Imperva, explains why SQL injection is not a database threat and discusses the current state of Oracle database patching.

[VIDEO] Dr. Larry Ponemon on How Security Survey Research Is Done

Head of the Ponemon Institute details the process and the challenges of conducting modern security surveys.

How to Limit Heartbleed Risk Today

What can you do to reduce your risk from Heartbleed? eSecurity Planet has got you covered.

ATMs on Windows XP: How Risky Is It?

Microsoft has ended official support for Windows XP. What does that mean for the security of the world's ATMs, most of which run XP?

Does Your Organization Need a Chief Trust Officer? [VIDEO]

VIDEO: Is Cognitive Injection the Key to Real Security?

Andy Ellis, chief security officer at Akamai, thinks that taking a positive approach to security tasks will result in better security outcomes.