Key obstacles to effective IT security strategies

Posted on 18 June 2013. | Drawing on data gathered from a total of 3,037 individuals, a Ponemon Institute survey revealed a clear disconnect between these groups within UK enterprises.

It takes 10 hours to identify a security breach

Posted on 17 June 2013. | Businesses are vulnerable to security breaches due to their inability to properly analyze or store big data, according to McAfee.

U.S. tech companies sharing bug info with U.S. govt before releasing fixes

Posted on 17 June 2013. | Many U.S.-based companies are voluntarily sharing sensitive information with the U.S. national security agencies in order to get information about potential risks and attacks.

OWASP top 10 web application risks for 2013

Posted on 13 June 2013. | OWASP has released its 2013 top 10 list of risks associated with the use of web applications in an enterprise.

Oppose PRISM-like programs today or lose you privacy tomorrow

Posted on 13 June 2013. | There is a saying that the power drives those holding it to want more power.

Spotlight

Information security executives need to be strategic thinkers

Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.

Large orgs in denial about own security breaches?

Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.

Vulnerability scanning with PureCloud

Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.

To hack back or not to hack back?

Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?

Reactions from the security community to the NSA spying scandal

Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.

What's New

The security of WordPress plugins | 18 June 2013. |

Checkmarx’s research lab identified that more than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection.
- Is accessing work apps on the move destructive?
Businesses not fully implementing infosec programs | 18 June 2013. |

Many U.S. small businesses are taking a passive approach when it comes to protecting their data leaving themselves vulnerable to data loss and possible financial and reputational damage.
- CyanogenMod founder aims to thwart data-grabbing apps
How to detect hidden administrator apps on Android | 18 June 2013. |

Trend Micro has created a tool that helps users find and remove this and other similar malicious software.
- Bill aims to regulate email privacy in the cloud
Microsoft releases Enhanced Mitigation Experience Toolkit 4.0 | 18 June 2013. |

EMET is a free utility that helps prevent memory corruption vulnerabilities in software from being successfully exploited for code execution.
- New regulation for ENISA, the EU cybersecurity agency

Daily digest

By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.

Weekly newsletter

With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.

DON'T
MISS
Tue, Jun 18th

18 June 2013.

The security of WordPress plugins

18 June 2013.

Detect hidden administrator apps on Android

18 June 2013.

Key obstacles to effective IT security strategies

18 June 2013.

Microsoft releases EMET 4.0

17 June 2013.

Account takeover attempts have nearly doubled

Malware News

Asia-wide targeted campaign drops backdoor, RAT
14 June 2013.

Sourceforge accounts hosting malicious files | 12 June 2013. |

Washington Free Beacon website redirects to malware | 11 June 2013. |

Researchers find self-propagating Zeus variant | 11 June 2013. |

Microsoft Citadel takedown ultimately counterproductive | 10 June 2013. |

Editor's choice

Information security executives need to be strategic thinkers

17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.

It takes 10 hours to identify a security breach

17 June 2013. | Businesses are vulnerable to security breaches due to their inability to properly analyze or store big data, according to McAfee.

Large orgs in denial about own security breaches?

14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.

Why does the public now listen to an U.S. government whistleblower?

13 June 2013. | This is not the first time that a government whistleblower has come forward and tried to warn the U.S. public about the surveillance overreach of government agencies, but it was the first time that such revelations had such a global impact and response.

To hack back or not to hack back?

12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?

Reactions from the security community to the NSA spying scandal

11 June 2013. | Here comments on this scandal that Help Net Security received from a variety of security professionals and analysts.

Spotlight

The security of WordPress plugins | 18 June 2013. |

Businesses not fully implementing infosec programs | 18 June 2013. |

How to detect hidden administrator apps on Android | 18 June 2013. |

Microsoft releases Enhanced Mitigation Experience Toolkit 4.0 | 18 June 2013. |

Editor's choice