1 in 4 employees enable cloud attacks

Internal users, external collaborators and third-party apps are dramatically increasing the threat surface for new cloud cyberattacks.

PCI DSS 3.1 released

The PCI Security Standards Council published PCI Data Security Standard 3.1 and supporting guidance.

New Java vulnerabilities remotely executable without login

A remote attacker can exploit these vulnerabilities without a username or password to gain access or control of a target application and compromise sensitive data.

New trend in cybercriminal activity: APT wars

Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another.

18-year-old bug can be exploited to steal credentials of Windows users

A new technique for exploiting an 18-year-old bug in Windows SMB, which would allow attackers to intercept user credentials, has been uncovered.


What IT skills are in demand?

IT security tops the list of skills that teams need most, and one out of five reported having difficulty finding skilled talent for cloud initiatives. Companies are also looking for pros who have skills in network engineering, systems engineering, IT architecture and network operations.

What's New
Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Apr 17th
RSA Conference 2015
20 April - 24 April 2015.
HITBSecConf2015 Amsterdam
26 May - 29 May 2015.

Editor's choice

Exploit for crashing Minecraft servers made public

Programmer Ammar Askar has released a proof of concept exploit for the flaw in the hopes that this will force them to do something about it.

How IT pros protect and investigate their endpoints

More organizations are operating under the assumption that their network has already been compromised, or will be, according to a survey conducted by the SANS Institute.

Internet of Everything attack surface grows

There’s not a CIO out there who has an effective umbrella strategy for the Internet of Things today.

New Java vulnerabilities remotely executable without login

It is important that enterprises urgently patch their JREs and JDKs since 14 vulnerabilities addressed in this security update are remotely exploitable over a network without authentication.