dcsimg

Articles by Sean Michael Kerner 

Google Pays Big Bug Bounties in Chrome 40 Fix

Google pays out $88,500 in bug bounties, with the largest browser security update yet in 2015. In all, Google fixed 62 different security flaws.

How Secure Is Android if Google Won't Patch?

A security researcher alleges that Google won't patch its older Android software for a new vulnerability. Luckily, users have options to boost security for older versions of the OS.

Black Friday Cyber Attacks Declined in 2014

While 61 million records were stolen from retailers in 2014, Black Friday and Cyber Monday attacks declined, IBM finds.

FireEye Expands Security Platform

FireEye CTO Dave Merkel details his firm's latest additions and offers some security predictions for 2015.

Crowdstrike: On a Mission to Find Malware-Free Attacks

Crowdstrike CTO Dmitri Alperovitch explains how his company's newest Falcon platform improves security with detection and prevention.

Google Brings Open Source Security Gifts

Google isn't just about search anymore. In recent weeks it has announced multiple security projects including Santa for Mac.

IBM Boosts Cloud Data Protection, Compliance

IBM has patented an invention that will help global businesses navigate complex regulatory landscape for cloud data.

Microsoft Buys Aorato to Boost Active Directory Security

Microsoft buys Aorato, the company that earlier this year disclosed a critical vulnerability in Microsoft's security.

IBM Boosts Cyber Security Education Efforts

IBM is investing in outreach to universities in a bid to better educate future security professionals.

Shellshock a Fail for Security Disclosure

Shellshock and the Xen vulnerability. One of these things is not like the other, and an expert says they can teach us a lot about how to disclose security vulnerabilities.

Keeping SCADA Systems Secure

FireEye Turns Its Attention to SCADA industrial control systems.

Veracode Gears up for Security IPO

Veracode CEO explains what his company is doing now as he heads toward a public offering.

An Open Source Solution to Shellshock

An open source tool can mitigate risks associated with Bash shell attack.

IBM Brings Bare Metal Intel TXT Security to Cloud

The cloud isn't just about virtual servers. The physical layer and its security still matter, which is why IBM is using Intel's Trusted Execution Technology.

Security Research and the Law: What You Need to Know

Security researchers must navigate a minefield of U.S. laws and statutes, such as the Computer Fraud and Abuse Act.

How to Detect SSL Leakage in Mobile Apps

LinkedIn researchers find piles of SSL configuration flaws in mobile apps and so can you.

DefCon: Advice on Evading Black Helicopters

You say 'paranoid,' I say 'careful.' Expert offers 'practical' advice on living the paranoid lifestyle.

Yahoo CISO Details Challenge of Security at Scale

Security vendors focus on banks not Web-scale companies, says Yahoo CISO Alex Stamos.

Backoff PoS Malware Demonstrated at Black Hat [VIDEO]

Trustwave researchers demonstrate Backoff malware, which targets POS systems, at Black Hat. Attack that has compromised 600 retailers relies on Java.

Buy All the Cybersecurity Vulnerabilities: Black Hat Keynote

Black Hat keynote speaker Dan Geer has some radical ideas to reshape modern security, including a suggestion that the United States purchase security vulnerabilities and make them public.

Using Military Strategy to Fight Cyber Battles

What does the Library of Sparta have to do with modern IT security? Military strategies are increasingly common in cybersecurity – and with good reason.

SaaS Security Risks: It's the Users, Stupid

Black Hat workshop to discuss security concerns of software-as-a-service applications. Not surprisingly, uninformed users pose some of the biggest risks.

IBM Expands Security Portfolio with CrossIdeas Acquisition

CrossIdea technology will give IBM more capabilities to evaluate and access risks.

New ThreatStream CEO Wants to Solve SIEM Challenge

ArcSight founder joins security vendor to fill gaps that SIEM doesn't solve.