The latest best practices and technologies for securing endpoints.

  • HTML5 WebSockets Identified As Security Risk

    In the modern world of web development, there are a set of new and emerging specifications sometimes grouped under the moniker HTML5. One of those specifications is the WebSocket API, which enables two-way communications. WebSockets offer the promise of faster communications than traditional TCP — but according to a pair of security researchers, there is… Read more

  • Black Hat: Open Source Web Application Firewall Comes to Microsoft IIS

    LAS VEGAS. For the last decade, Apache web server users have been able to benefit from the open source ModSecurity Web Application Firewall (WAF). At the Black Hat security conference this week, ModSecurity developers will for the first time make their WAF available for the Microsoft IIS web server as well as the nginx open… Read more

  • How to Securely Delete Data from Hard Drives

    What happens to the confidential data on hard drives and other storage media in your organization when you replace them? It’s a vital question to ask – because unless the data is completely erased, there’s a good chance that it could come back to haunt you. As a quick Google search will confirm, there’s no… Read more

  • Review: McAfee Endpoint Protection Suite

    McAfee’s Endpoint Protection Suite (EPS) relies on standard anti-virus technologies to protect Windows-based desktops, laptops, and servers. It is aimed at small to mid-sized and larger enterprises with between 100 and 1000 users, but can be used in even smaller organizations or scale to many thousands of users. Signature-based virus protection is an area in… Read more

  • How to Secure DNS with DNSCrypt & DNSSEC

    Like most of the network protocols and systems in widespread use today, the Domain Name System (DNS) harbors significant security vulnerabilities. Though DNS provides a deceptively simple service — translating human-friendly website addresses such as http://www.cnn.com into computer-friendly numerical IP addresses such as — the system’s integrity is a crucial cornerstone of Internet operations… Read more

  • Which Browser is Best for Security?

    Speaking at the RSA Conference in San Francisco yesterday, researchers at Accuvant Labs presented the results of a three-month security evaluation of Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer. The goal of the study was to determine which browser is the most secure against attack — an important consideration, given that browsers continue to… Read more

  • Passware Cracks Apple’s FileVault Encryption

    Computer forensics firm Passware has released software capable of circumventing Apple’s FileVault disk encryption in under an hour. “Technology from Passware is reportedly capable of capturing the content of a Mac machine’s memory, via Firewire interfaces, before extracting encryption keys,” writes The Register’s John Leyden. “Passware’s software previously included the ability to extract Mac passwords… Read more

  • Amazon Silk Browser Hacked

    Hackers have successfully deployed the Kindle Fire’s Silk browser on other Android devices. “The hack requires a rooted device, and some mucking about with apk files, but does share the Silk love,” writes The Register’s Bill Ray. “XDA-Developers member TyHi initially hacked the Silk browser into the popular CyanogenMod Android distribution, but others have tested… Read more

  • Accuvant Study Finds Chrome is Most Secure Browser

    A study [PDF file] conducted by Accuvant on behalf of Google has determined that Google Chrome is the most secure browser, thanks to its sandboxing tech. “The evaluation was based on the premise that anti-exploitation technology, such as sandboxing, reduces the vulnerability of a browser to a single exploit or an entire class of exploits,”… Read more

  • Is Dolphin Browser for Android Safe?

    MoboTap, which makes the Dolphin Browser for iOS and Android, has acknowledged that the newest version of the Android app transmits the address of every Web site a user visits back to the company’s servers. “The privacy and security implications arise when a user connects to a secure Web site (usually shown by ‘https://’ and… Read more

Top Cybersecurity Companies

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis