Expert advice on firewalls, malware prevention, application security, hacking, endpoint protection, and security strategy

privacy lock security public domain
padlock unlocked security hole flaw

werner vogels aws reinvent 2016

AWS tries to protect its customers from DDoS attacks with new service

Shield is available for free and enabled by default for all web applications running on AWS

blame 174280704

Who's responsible for data compliance? 25% of execs don't know

A new survey sheds some light on just how little grasp U.S. organizations have on privacy and security regulations


Security Sessions: Lessons learned from the Dyn DNS attacks

In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild chats with Stephen Boyer, CTO and co-founder of BitSight, about the recent DNS attacks against Dyn, and how CSOs can prepare their systems against future...

security threat ninja hacker hacked

10 key security terms devops ninjas need to know

If devops teams are going to move fast without breaking security, they’ll need to learn key IT security concepts

nest camera

16% off Nest Cam Indoor Security Camera - Deal Alert

With Nest Cam Indoor, you can check in -- even when you’re out. 24/7 live streaming. No dead batteries. And a versatile magnetic stand that lets you put it anywhere. Nest Cam is currently discounted 10% on Amazon.


Android malware steals access to more than 1 million Google accounts

The Gooligan malware targets devices running older versions of Android

security code big data cyberespionage DDoS

The new Mirai malware strain has gone beyond Deutsche Telekom

Hackers attacked routers in the United Kingdom, Brazil, Iran, Thailand, and other countries

security thinkstock

CERT to Microsoft: Keep EMET alive

Windows systems with Enhanced Mitigation Experience Toolkit properly configured is more secure than a standalone Windows 10 system, says CERT

malware attack cyberespionage code hacker

San Francisco's Muni says server data not accessed in ransomware hit

The alleged ransomware attacker has reportedly threatened to release data stolen from the transit system

spam email

3 clues to spotting a spam scam

The notice looked real at first -- but turned out to be an obvious scam. Unraveling its origins offered an object lesson in how not to get suckered

life preserver save survivor overboard rescue recover

Azure customer saves Microsoft from an RHEL disaster

Were it not for an alert customer, attackers could have compromised every RHEL instance on Microsoft Azure due to improper configuration of Red Hat Update Appliances

hacker, hack, hacking

San Francisco’s Muni transit system reportedly hit by ransomware

The ransomware attacker is said to be demanding $73,000


How to protect the C-suite from spear phishing

CSO Editor-in-Chief Joan Goodchild sits down with Kevin O'Brien, founder and CEO of GreatHorn, to discuss ways that security leaders can fend off spear phishing attempts aimed at the executives at their companies.

clock and calendar montage

Time is running out for NTP

Everyone benefits from Network Time Protocol, but the project struggles to pay its sole maintainer or fund its various initiatives

ddos attack explanation

NTP fixes denial-of-service flaws

Attackers can exploit NTP to generate large volumes of junk traffic for distributed denial-of-service attacks. Update NTP to keep your servers out of the DDoS botnet


Best smaller cities to land a cybersecurity job

If you're ready for a change of scenery or job, check out these locales

hourglass time deadline public domain

Time's almost out for websites to abandon SHA-1

One-third of all websites still rely on the insecure SHA-1 encryption algorithm, as the deadline to switch draws closer

https certificate secure

Moment of truth: Web browsers and the SHA-1 switch

SHA-1 encryption is ending. Here's how your browser will react

Load More