The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.

  • Suffolk University Admits Security Breach

    Boston’s Suffolk University recently began notifying an undisclosed number of people who used their credit cards to purchase tickets to Suffolk University events that their personal information may have been accessed when ticketing vendor Vendini was hacked in March of 2013. According to the notification letter [PDF file], customers’ names, mailing addresses, e-mail addresses, phone… Read more

  • Hetzner Hacked

    The German Web host Hetzner recently notified its clients that its technicians had discovered a backdoor in one of its Nagios internal monitoring systems (h/t The H Security). “An investigation was launched immediately and showed that the administration interface for dedicated root servers (Robot) had also been affected,” Martin Hetzner stated in the notification letter.… Read more

  • Most Common Web Security Attack? Not SQL Injection

    Jeremiah Grossman, founder and CTO of Whitehat Security, has seen a lot of different types of security attacks in his time. He knows the most common types of attacks aren’t necessarily the ones that have the most risk. In its just-released Annual Website Security Statistics report, Whitehat Security provides insight into the attacks it saw… Read more

  • 6 Emerging Security Threats, and How to Fight Them

      The security threat landscape changes constantly, with malicious hackers developing new ways to compromise your systems as older vulnerabilities are discovered and patched. So it’s important to be aware of the threats to enterprise security that are coming over the horizon and heading this way. It’s a question the Georgia Institute of Technology addresses… Read more

  • Cloud Security Standards: What You Should Know

    Enterprises continue to be drawn to the cloud, where data and application management is outsourced to a third party in charge of hardware infrastructure. The cloud has matured to where it now comprises several specialized services described by an alphabet soup of acronyms: SaaS (software-as-a-service), PaaS (platform-as-a-service) and perhaps the least pronounceable of all, IaaS… Read more

  • Anti-Virus Isn’t Enough: 7 Steps to Discourage Hackers

    When hackers broke in to the New York Times’ network, evaded its anti-virus software and began plundering its computer systems, it highlighted a rather uncomfortable truth: ?Anti-virus software is not that good at keeping systems secure. That means that any company that relies on an anti-virus package to secure its endpoints is exposing itself to… Read more

  • Webroot Uncovers Site Offering PayPal Accounts for Sale

    Webroot’s Dancho Danchev reports that a new underground e-shop has been launched specifically to sell access to hacked PayPal accounts. “The E-shop is exclusively targeting United States citizens, and currently has an inventory of 1,543 hacked PayPal accounts, followed by another 14 for the United Kingdom,” Danchev writes. “The cybercriminals who sell the information provide… Read more

  • Is SSL Secure?

      Secure Sockets Layer/Transport Layer Security is the foundational technology that secures Web transactions and communications, but it is not infallible. New research dubbed Lucky13 reveals that SSL/TLS is at risk from a theoretical timing attack that could expose encrypted data. TLS headers include 13 bytes of data used for the secure handshake protocol, said… Read more

  • Cisco: Mainstream Web Sites Are More Risky than Porn Sites

    Cisco recently published its 2013 Annual Security Report [PDF file], which states that the highest concentration of online security threats target legitimate Web sites rather than pornography, pharmeutical or gambling sites — online shopping sites are 21 times more likely to deliver malware than counterfeit software sites, and online advertisements are 182 times more likely… Read more

  • As Malware Evolves, Are AV Signatures Still Relevant?

    In the beginning of the virus era, computer users were introduced to the concept of signature-based anti-virus scanners. It’s an idea whose time may well have come and gone. “Since the 1990s people have used signature-based scanners as their primary line of defense,” said Roger Thompson, chief emerging threats researcher at ICSA Labs, a research… Read more

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis