Security

Expert advice on firewalls, malware prevention, application security, hacking, endpoint protection, and security strategy

Digital Key encryption
Graphic blue background with computer monitor and bug on top

don't panic fortune cookie

Don't panic about SHA-1—fix it

Crypto experts agree it's time to ditch SHA-1 if you haven't already, but also to know where the real risks are

ransomware data laptop

Ransomware 'customer support' chat reveals criminals' ruthlessness

F-Secure publishes 34 pages of chat transcripts between victims and gang's 'support rep'

head on collision

Google kills SHA-1 with successful collision attack

SHA-1 in digital certificates and cryptographic keys hasn't been safe for years. With the world's first successful collision attack, the clock has run out for the hash function

Uber
video

Breaking and protecting devops tool chains

Ken Johnson, CTO of nVisium, and Chris Gates, Senior Security Engineer at Uber talk to CSO Online's Steve Ragan about working with devops tool chains.

Still
video

Bruce Schneier and the call for "public service technologists"

Bruce Schneier, CTO of IBM Resilient on the increasing importance of technologist's presence in education and policy-making.

cleaning sponges detergent wash rinse chores

How to scrub your private data from 'people finder' sites

The internet has your number—among many other deets. Prevent identity theft and doxxing by erasing yourself from aggregator sites like Spokeo and PeekYou

Digital Key encryption

New MacOS ransomware spotted in the wild

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won't be able to recover their files, even if they pay.

stethoscope iphone public domain

Netflix Stethoscope gives users a BYOD security checkup

The IT-compiled web application provides users a personalized list of security recommendations for their own computers, smartphones, and tablets

Computer monitor with pixelated locks for security breach

7 Wi-Fi vulnerabilities beyond weak passwords

Using strong encryption and passwords is only the first step in protecting your wireless network. Make sure you’re not exposed in these other ways

bug bounty

Why you need a bug bounty program

If you’re ready to deal with the volume of reports, a bug bounty program can help you can find the holes in your system — before attackers do

Adobe Flash player v10 icon

Microsoft rolls out KB 4010250 Flash Player update for Windows 8.1 and 10

In a bit of nostalgia, today's patch is attached to a Security Bulletin and not included in cumulative updates

pulling companies apart chain broken

The real problem with the security industry

What we learned at the RSA Conference: The security industry is failing its task of keeping users and information safe because it refuses to play well with others

code big data binary programming

Java and Python FTP attacks can punch holes through firewalls

Hackers can trick Java and Python applications to execute rogue FTP commands that would open ports in firewalls

23922465470 fe3c8b8cdf o

Verizon knocks off $350M from Yahoo deal after breaches

Yahoo will also share in some potential liabilities related to two massive data breaches

Woman surprised with balloons

Surprise! Microsoft issues Flash patches for Internet Explorer, Edge

After announcing last week that February's patches would be delayed until March, Microsoft alerts large customers that security patches are due today—but details remain sketchy

3 bitcoin

Would killing Bitcoin end ransomware?

Bitcoin and ransomware seem to go hand-in-hand, but experts say that doing away with the cybercurrency would just force cybercriminals to find another anonymous way to extort money

security automation robot

Build your security defense on data, not guesswork

Stop obsessing about the latest overhyped security threats. Delve into your own data about successful attacks on your organization first—and defend accordingly

red blue tools

5 open source security tools too good to ignore

Look to these clever open source tools to keep secrets out of source code, identify malicious files, block malicious processes, and keep endpoints safe

Load More