• How PCI DSS 3.0 impacts business owners

    Based on insight from security experts, the card brands, and merchants, the PCI Security Standards Council periodically refines the guidelines to reflect current data security risks and best practices. While the changes are intended to help merchants make transactions safer for themselves and consumers, updates to the rules can also be highly confusing for business owners.

    What do you need to know about the new version, and how can you prepare for more changes on the horizon?

  • IT security is a matter of accountability

    Raj Sabhlok, President at Zoho, explains how understanding IT security is now a key responsibility for the modern CEO.

  • Patching: The least understood line of defense

    Even IT pros that understand patching too often hate it. Because of myriad systems involved, and the large number of patches, the process is not just constant, but can be extraordinarily complex. One canít just install a patch and forget it, as with Windows Updates where the fixes are well vetted. On servers in particular, patches may need to be tested, then installed, and too often reinstalled due to a bad patch or software conflicts. All to defend against an attack that may or may not happen.

  • 5 things infosec can learn from adventure games

    As an active adventure gamer and a natural seeker of reusable patterns, Iíve noticed that some of the things I do to achieve success in video games can be applied to information security.

  • The economics of hacking

    In this podcast recorded at Black Hat USA 2014, Wade Williamson, Security Researcher at Shape Security, talks about the economics of hacking and how some of today's techniques are trying to invert it.

  • Why every security-conscious organization needs a honeypot

    When you think about the layers of security your business needs, you probably think about firewalls, authentication systems, intrusion prevention, antivirus, and other common security controls. However, I suspect few think about honeypots. Thatís a shame, as honeypots make perfect network security canaries, and can improve any organizationís defense.

  • Point of Sale system architecture and security

    To most people, Point of Sale (POS) systems with integrated payment processing are a black box where magic happens.

    In this podcast recorded at Black Hat USA 2014, Lucas Zaichkowsky, Enterprise Defense Architect at AccessData, talks about how financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the dealer technicians that install and maintain them.

  • How important is website security?

    In this interview, Nicholas Sciberras, Product Manager at Acunetix, illustrates why website security should be a priority in any organization. He talks about the challenges involved in auditing website security, illustrates the pros and cons of using remote vs. in-house security testing, and more.

  • Why IT security is broken and how math can save it

    In this podcast recorded at Black Hat USA 2014, Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive. Signature-based technologies are flawed and easily bypassed since they incorporate only a fraction of characteristics of a bad file or activity.

  • Securing the U.S. electrical grid

    The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid from the threats of cyberattack, physical attack, electromagnetic pulse, and inclement weather.

    The result is the Securing the U.S. Electrical Grid report, and talking about critical security challenges we have Dan Mahaffee, the Director of Policy at CSPC.

Videos      Podcasts


Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Wed, Oct 1st