Articles
  • Securing virtual machines: Considerations for the hybrid cloud

    Many people don’t realize that a majority of today’s data security solutions were designed for physical ecosystems rather than virtual environments. New technologies are needed to address concerns for hybrid cloud security, providing assurances that cloud-hosted workloads are protected from other tenants, outside threats, and cloud administrators. This article looks at several important considerations for assessing a security solution for your hybrid cloud environment.

  • Are free file storage solutions a safe bet for businesses?

    The benefits of cloud computing are becoming increasingly recognised, and with this heightened understanding comes growing numbers of UK businesses that are embracing the use of the cloud for the storage of data. As the technology continues to gather momentum on these shores, many firms and employees are likely to consider utilising popular free services such as Dropbox and Box. Such storage solutions have already been widely adopted by consumers and SMEs alike; however, these solutions are not without their risks.

  • Apple built multi-factor authenticated payment in the right order

    Apple has built a payment system by first rolling out the “second factor”—the biometric Touch ID—and then by rolling out the first factor: the payment application and API. They have spent a couple years acquainting themselves with the really hard bit: biometrics. Now they can do the easy bit: payments. Everyone else has gone about it in reverse order.

  • 5 key things to consider when developing an enterprise mobility management strategy

    Imagine this situation: Bob, the VP of Sales, loses his smartphone on the train. There are two major issues. The device is lost and sensitive company information may be exposed. Additionally, the user has to notify the IT Department to track and wipe the device. How can the exposure of sensitive company data and the negative impact on productivity be minimized?

  • Why open source and collaboration are the future of security

    In this podcast recorded at Black Hat USA 2014, Greg Martin, CTO at ThreatStream, talks about why open source and collaboration are the key drivers of information security innovation. He also discusses the downside of using honeypots as defensive technologies in smaller security architectures, and how that complexity can be avoided.

  • Mobile forensics in a connected world

    In this interview, Andrew Hoog, CEO of viaForensics, talks about the forensic examination of mobile devices, the challenges involved with testifying at trials, and offers advice to those interested in working in the mobile security forensics field.

  • Malicious and risky apps on Android and iOS

    Knowingly or unknowingly to the user, some apps can collect GPS data, grab your contact information, your phone ID, email address, etc.

    In this podcast recorded at Black Hat USA 2014, Mike Raggo, Security Evangelist at MobileIron, talks about the risky behavior of certain apps downloaded from Google Play or the App Store.

  • 5 tips for security behavior management programs

    Security awareness has long been a point of frustration for information security professionals. While many organizations conduct awareness training of some kind, they have struggled to develop effective training, as posters and knick-knacks urging employees to change passwords frequently have failed to improve their security behavior. Consequently, employee behavior continues to be a common cause of data breaches, with some in the industry even concluding that improving user behavior is impossible.

  • Lessons learned from running 95 bug bounty programs

    Large companies such as Google and Facebook have dedicated teams that review bug submissions, verify valid bugs and reward security researchers, but that can be time and cost-prohibitive for most companies. Bugcrowd is making sure that every company can leverage the power of crowdsourced security.

    In this podcast recorded at Black Hat USA 2014, Casey Ellis, Founder and CEO of Bugcrowd, talks about the lessons they've learned after running 95 bug bounty programs as well as the different types of researchers that take part in their programs.

  • Big Data is big noise

    Big Data was supposed to be the solution to all our security problems, but this spotlight on intruders turned out to be a mess of white noise. Hiding comfortably in that noise, however, are legitimate indicators that point to valid network threats, such as suspicious user behavior.

Videos      Podcasts



Spotlight

Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //