Data security and privacy
Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.
Top Stories
-
Feature
19 Dec 2024
10 cybersecurity predictions for 2025
AI will still be a hot topic in 2025, but don't miss out on other trends, including initial access broker growth, the rise of vCISOs, tech rationalization and more. Continue Reading
By- Kyle Johnson, Technology Editor
-
Answer
19 Dec 2024
How bad is generative AI data leakage and how can you stop it?
Mismanaged training data, weak models, prompt injection attacks can all lead to data leakage in GenAI, with serious costs for companies. The good news? Risks can be mitigated. Continue Reading
By
-
News
04 Jan 2019
Cloud provider blames Ryuk ransomware for Christmas Eve attack
News roundup: Data Resolution claimed the Ryuk ransomware attack on its systems originated from North Korea. Plus, the EU is set to launch 14 open source bug bounties, and more. Continue Reading
By- Madelyn Bacon and Casey Clark
-
Answer
20 Dec 2018
Ticketmaster breach: How did this card skimming attack work?
The hacking group Magecart was recently found to have run a card skimming campaign that put customer information at risk. Learn how this attack worked from Nick Lewis. Continue Reading
By -
Podcast
19 Dec 2018
Risk & Repeat: Lessons from the Equifax breach report
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it. Continue Reading
By- Rob Wright, Senior News Director
-
Blog Post
17 Dec 2018
Marriott Starwood data breach notification de-values customers
The Marriott Starwood data breach exposed half a billion customers' data, but the hospitality giant seems to have learned from recent megabreaches that the standard response to a breach can be the ... Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
30 Nov 2018
Marriott discloses Starwood data breach affecting 500 million guests
Marriott International admitted to a Starwood data breach that began in 2014 and affects about 500 million customers. Experts are unsure about the GDPR implications. Continue Reading
By- Michael Heller, TechTarget
-
News
30 Nov 2018
Ponemon study shows data valuation discrepancies in enterprises
A new study from the Ponemon Institute shows enterprises are underestimating the value of their data, including critical and confidential information assets. Continue Reading
-
Blog Post
29 Nov 2018
Breaking down Dell's "potential cybersecurity incident" announcement
Dell provided some information about a "potential cybersecurity incident" earlier this month, but it's unclear how the company and customers should be reacting. Continue Reading
By- Rob Wright, Senior News Director
-
News
27 Nov 2018
USPS website flaw exposed data for one year
The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago. Continue Reading
By- Michael Heller, TechTarget
-
News
20 Nov 2018
Recorded Future names Tessa88 suspect in LinkedIn, Myspace breaches
Researchers at Recorded Future identified the individual behind the notorious Tessa88 hacker handle, but it's unclear what role he played in the LinkedIn and Myspace breaches. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
20 Nov 2018
Zero-trust security means new thinking plus practical steps
Implementing a security policy that, essentially, trusts no one and nothing doesn't have to be overwhelming if you understand the basics behind the security model. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
20 Nov 2018
AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most AWS exposures, is doubtful the changes will end the problem. Continue Reading
By- Michael Heller, TechTarget
-
News
12 Nov 2018
SSD encryption failures made worse by BitLocker settings
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse. Continue Reading
By- Michael Heller, TechTarget
-
Answer
07 Nov 2018
How does site isolation defend against Spectre vulnerabilities?
Spectre exploits how processors manage performance-enhancing features. Expert Michael Cobb explains Google Chrome's initiative to use site isolation as a defense mechanism. Continue Reading
By -
News
26 Oct 2018
Settlement in Yahoo data breach leaves company to pay $50M
News roundup: The Yahoo data breach will cost the company another $50 million in a settlement deal. Plus, Check Point acquired cloud security company Dome9, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
25 Oct 2018
Risk & Repeat: Facebook breach raises regulatory questions
This week's Risk & Repeat podcast discusses new developments regarding Facebook's recent data breach, as well as the social networking giant's response to the incident. Continue Reading
By- Rob Wright, Senior News Director
-
News
19 Oct 2018
Facebook hack the work of spammers, not foreign adversary
News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Answer
09 Oct 2018
How was Google Firebase security bypassed?
Google Firebase's inadequate back-end development led to data leaks and vulnerabilities, including HospitalGown. Learn more about this security flaw from expert Michael Cobb. Continue Reading
By -
News
02 Oct 2018
Facebook GDPR fate uncertain following data breach
Facebook's GDPR consequences are still up in the air following a data breach, as Irish regulators are waiting on more information before determining if the social network will face a fine. Continue Reading
By- Michael Heller, TechTarget
-
News
21 Sep 2018
State Department data breach exposes employee info
A State Department data breach involving the agency's unclassified email system may have been due to a lack of multi-factor authentication, according to one expert. Continue Reading
By- Michael Heller, TechTarget
-
News
20 Sep 2018
GovPayNow leak exposes 14 million records dating back six years
Experts question the security audit and government agency vetting that took place before the GovPayNow leak, which affected 14 million customer records dating back six years. Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
14 Sep 2018
What the GAO Report missed about the Equifax data breach
The Government Accountability Office investigated the Equifax data breach, but the GAO's report leaves out several important points about the infamous incident. Continue Reading
By- Rob Wright, Senior News Director
-
News
14 Sep 2018
British Airways data breach may be the work of Magecart
News roundup: The British Airways data breach may be the handiwork of hacking group Magecart, according to researchers. Plus, hacker Guccifer will be extradited to U.S., and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
12 Sep 2018
Risk & Repeat: Inside the GAO's Equifax breach report
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Government Accountability Office's report on the Equifax breach and the questions it raises. Continue Reading
By- Rob Wright, Senior News Director
-
News
05 Sep 2018
Five Eyes wants to weaken encryption, or legislation may be needed
Five Eyes -- the government intelligence alliance between Australia, Canada, New Zealand, the U.K. and the U.S. -- vows not to weaken encryption, while pushing for encryption backdoors. Continue Reading
By- Michael Heller, TechTarget
-
Answer
24 Aug 2018
What risks does the OpenFlow protocol vulnerability present?
Researchers found a vulnerability in OpenFlow that can cause problems. Learn how vendor-specific SDN controllers may cause these OpenFlow protocol vulnerabilities. Continue Reading
-
Answer
10 Aug 2018
Facebook user data: How do malicious apps steal user data?
Malicious apps collected Facebook user data through Facebook APIs. Expert Michael Cobb explains how social networking platforms can monitor third-party apps' access to data. Continue Reading
By -
News
31 Jul 2018
Yale data breach discovered 10 years too late
A Yale University data breach from 2008 was only just discovered, and the school has released details on the compromised information, including Social Security numbers. Continue Reading
By- Michael Heller, TechTarget
-
Tip
31 Jul 2018
Three steps to improve data fidelity in enterprises
Ensuring data fidelity has become crucial for enterprises. Expert Char Sample explains how to use dependency modeling to create boundaries and gather contextual data. Continue Reading
By- Char Sample, ICF International
-
News
27 Jul 2018
LifeLock vulnerability exposed user email addresses to public
News roundup: A LifeLock vulnerability exposed the email addresses of millions of customers. Plus, Amazon's Rekognition misidentified 28 members of Congress as criminals, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
26 Jul 2018
Ponemon: Mega breaches, data breach costs on the rise
The Ponemon Institute's '2018 Cost of a Data Breach Study' details a rise in data breaches with a look at mega breaches and why U.S. companies experience the greatest loss. Continue Reading
By- Casey Clark, TechTarget
-
Answer
26 Jul 2018
How does SirenJack put emergency warning systems at risk?
Bastille researchers created the SirenJack proof of concept to show how a vulnerability could put San Francisco's emergency warning system at risk. Judith Myerson explains how it works. Continue Reading
-
Tip
26 Jul 2018
How to identify and protect high-value data in the enterprise
Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data. Continue Reading
By- Charles Kao, Simply Auri
-
Feature
24 Jul 2018
Cisco's chief privacy officer on the future of data after GDPR
Michelle Dennedy, vice president and chief privacy officer at Cisco, discusses her company's approach to meeting the requirements of the EU's General Data Protection Regulation. Continue Reading
-
News
29 Jun 2018
Exactis leak exposes database with 340 million records
Experts said the Exactis leak needs to be treated as a learning moment for defining identity online after the marketing firm exposed data on 230 million adults and 110 million businesses. Continue Reading
By- Michael Heller, TechTarget
-
Answer
27 Jun 2018
How are air-gapped computers put at risk by the Mosquito attack?
Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson. Continue Reading
-
Tip
07 Jun 2018
How lattice-based cryptography will improve encryption
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option. Continue Reading
By -
Opinion
01 Jun 2018
Q&A: Why data security controls are a hard problem to solve
Feeling less friendly after Facebook? "There is a great deal of power in being able to combine data-sources," says Jay Jacobs, security data scientist. Continue Reading
- 29 May 2018
-
Tip
22 May 2018
DeOS attacks: How enterprises can mitigate the threat
An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer. Continue Reading
By- David Geer, Geer Communications
-
Podcast
17 May 2018
Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
17 May 2018
SSH private keys: How do threat actors find exposed keys?
Cybersecurity vendor Wordfence reported a rise in scans for SSH private keys that are often accidentally exposed to the public. Learn how to stay protected with Nick Lewis. Continue Reading
By -
News
20 Apr 2018
Another misconfigured Amazon S3 bucket exposes 48M records
News roundup: A misconfigured Amazon S3 bucket led to the exposure of 48 million records collected by a private data analytics firm. Plus, PCI SSC updated its cloud guidelines, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
17 Apr 2018
Fidelis rolls out new active deception approach to security
Active deception is set to be an important part of cloud defense, as Fidelis Cybersecurity adds active decoys to protect cloud assets in the enterprise. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
17 Apr 2018
What the security incident response process should look like
An enterprise needs to have a strong security incident response process plan mapped out early. Expert Ernie Hayden shares how to turn an incident into a learning experience. Continue Reading
By- Ernie Hayden, 443 Consulting LLC
-
Feature
11 Apr 2018
Cybersecurity defense in depth means more than ticking boxes
F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
06 Apr 2018
Misconfigured cloud storage leaves 1.5B files exposed
Researchers found misconfigured cloud storage across multiple platforms left huge amounts of data exposed, including medical information and payroll data. Continue Reading
By- Michael Heller, TechTarget
-
Opinion
03 Apr 2018
Cost of data privacy breach may not be enough
While the European Union is taking major steps to protect residents' data privacy, little has happened in the United States, even after Equifax and Facebook. Continue Reading
- 30 Mar 2018
-
News
22 Mar 2018
Watson's Law: IBM preaches data stewardship as A.I. advances
At IBM's Think conference, executives discussed the importance of protecting and managing data as artificial intelligence offerings like Watson grow and touch more information. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Mar 2018
IBM outlines visions for crypto anchors, lattice cryptography
At IBM's Think conference, Big Blue researchers discussed new security-centric projects around blockchain databases, crypto anchors and quantum-resilient encryption. Continue Reading
By- Rob Wright, Senior News Director
-
News
16 Mar 2018
Following Equifax data breach, executive charged with insider trading
News roundup: A CIO has been charged with insider trading after the Equifax data breach. Plus, Trump blocked Broadcom's acquisition of Qualcomm, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
08 Mar 2018
Entropy sources: How do NIST rules impact risk assessments?
NIST recently released new guidance on entropy sources used for random bit generation. Judith Myerson explains these recommendations and how they alter cryptography principles. Continue Reading
-
News
06 Mar 2018
Equifax data breach affected 2.4 million more consumers
The massive Equifax data breach affected even more people. The startling total is now 147.9 million U.S. consumers who had their information stolen by hackers. Continue Reading
By- Madelyn Bacon, TechTarget
-
Answer
26 Feb 2018
Uber breach: How did a private GitHub repository fail Uber?
The recent Uber breach calls into question the use of code repositories. Expert Matt Pascucci explains how the breach of GitHub and Amazon Web Services occurred. Continue Reading
-
News
14 Feb 2018
Equifax breach worsens, additional consumer data exposed
The Equifax breach compromised even more consumer data, including tax identification numbers, than originally reported. But the credit rating agency didn't disclose the update. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
01 Feb 2018
GDPR breach notification: Time to focus on the requirements
Some large U.S. companies have been working behind the scenes on GDPR requirements for more than a year, but there's strong evidence that many have not been as diligent. Continue Reading
By- Steve Zurier, ZFeatures
-
Opinion
01 Feb 2018
Data protection compliance costs less than noncompliance
Smaller companies -- with fewer than 5,000 employees -- in particular may be hit hard by GDPR requirements and other data compliance hurdles. A new report does the math. Continue Reading
- 26 Jan 2018
- 26 Jan 2018
-
Answer
19 Jan 2018
What do Dnsmasq vulnerabilities mean for Android users?
Researchers found several Dnsmasq vulnerabilities that affect Google's Android operating system. Matt Pascucci explains how these flaws can be exploited by threat actors. Continue Reading
-
Answer
17 Jan 2018
Confused deputy: How did the vulnerability affect Slack?
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
-
Podcast
11 Jan 2018
Business threat analytics: How does real-time data impact results?
Explore the top things you should know about real-time analytics with Johna Till Johnson and learn how it reduces false positives detected in your system on a daily basis. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
Answer
10 Jan 2018
How is IP theft possible despite cryptographic protections?
Expert Judith Myerson explains how IP theft can happen despite the cryptographic protections in IEEE standard P1735, as well as what can be done to protect intellectual property. Continue Reading
-
News
05 Jan 2018
A DHS data breach exposed PII of over 250,000 people
News roundup: A DHS data breach exposed PII of 250,000 federal employees, as well as investigative data from 2002 to 2014. Plus, a new bill aims to nix paperless voting, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
04 Jan 2018
The ROCA vulnerability: How it works and what to do about it
The ROCA vulnerability is a serious flaw in cryptographic keys. Expert Michael Cobb explains what the flaw is, how it works and what can be done to lessen the risk to enterprises. Continue Reading
By -
Blog Post
28 Dec 2017
After 2017, data breach fatigue should be a thing of the past
Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings. Continue Reading
By- Rob Wright, Senior News Director
-
News
15 Dec 2017
Half of business leaders admit to hiding data breach information
News roundup: Data breach information is kept from customers 50% of the time, according to a report. Plus, the FBI director continues to preach against encryption, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
News
12 Dec 2017
1.4 billion stolen credentials found on dark web
A massive repository containing more than 1.4 billion stolen credentials was found on the dark web with special features for malicious actors. Continue Reading
By- Michael Heller, TechTarget
-
Answer
12 Dec 2017
How can platform firmware be protected from attacks?
The NIST published guidance on building up platform firmware resiliency. Expert Judith Myerson looks at the NIST guidelines and the major takeaways for enterprises. Continue Reading
-
News
08 Dec 2017
Hacker behind Uber data breach was paid off through bug bounty
News roundup: The man responsible for the 2016 Uber data breach is a 20-year-old from Florida. Plus, Ethiopia reportedly targeted dissidents with Israeli spyware, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
07 Dec 2017
Risk & Repeat: Analyzing the accidental data breach
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise of accidental data breaches following a series of enterprise exposures of user data online. Continue Reading
By- Rob Wright, Senior News Director
-
Blog Post
22 Nov 2017
Uber data breach raises unsettling questions for infosec
The Uber data breach episode is another black eye for the ride sharing company, but the cover up raises troubling implications for the infosec community. Continue Reading
By- Rob Wright, Senior News Director
-
News
10 Nov 2017
Following Equifax breach, CEO doesn't know if data is encrypted
News roundup: Following the massive Equifax breach, the CEO said he doesn't know if customer data is encrypted or not. Plus, flaws were found in IEEE's P1735 standard, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Podcast
01 Nov 2017
Risk & Repeat: Responsible encryption ramps up
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent push from law enforcement officials for responsible encryption and what that may mean. Continue Reading
By- Rob Wright, Senior News Director
-
News
20 Oct 2017
Microsoft mum on 2013 database breach of bug tracking system
News roundup: Former employees reveal a 2013 database breach exposed Microsoft's bug tracking system, DHS sets new rules for federal agencies on web, email security, and more. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
18 Oct 2017
ROCA RSA flaw unveils secret keys on wide range of devices
Researchers disclosed the ROCA RSA vulnerability as a dangerous flaw in the cryptographic code of Infineon chips that could undermine encryption key security for a number of devices. Continue Reading
By- Michael Heller, TechTarget
-
Answer
16 Oct 2017
Telerik web UI: Can the cryptographic weakness be mitigated?
A cryptographic weakness was discovered in the Telerik web UI. Expert Judith Myerson alerts readers about this weakness and the alternative options for companies to explore. Continue Reading
-
Podcast
11 Oct 2017
Risk & Repeat: Scope of Equifax, Yahoo breaches expands
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the expanding scope of the Equifax and Yahoo breaches and the long-term effects of these major security incidents. Continue Reading
By- Rob Wright, Senior News Director
-
News
07 Oct 2017
NSA breach leads to theft of government spy software
An NSA contractor became the target of a cyberattack after storing agency spying software on a personal device, and this NSA breach has caused a rise in fears regarding Russia. Continue Reading
By- Michael Heller, TechTarget
-
Tip
03 Oct 2017
Understanding data manipulation attacks in enterprise security
When it comes to protecting data, ransomware isn't the only thing that should worry enterprises. Nick Lewis explains the threat of data manipulation attacks and how to stop them. Continue Reading
By -
Opinion
02 Oct 2017
No customer data leaks? Companies look down the rabbit hole
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation. Continue Reading
-
E-Zine
02 Oct 2017
Growing data protection risks and how to manage them
Companies today collect more data from more sources than ever before. Often the data is distributed across on-premises environments, cloud systems and third-party networks. The network perimeter behind which most enterprise data once resided is gone, and users now have the ability to access data from anywhere and at any time via laptops, smartphones and other mobile devices. Managing these data protection risks creates unique challenges for CISOs and their security teams.
"Security must be able to protect the data wherever it is being used, viewed or saved," said Christopher Pierson, executive vice president, general counsel and CSO at Viewpost, an electronic payments and invoicing service, based in Maitland, Fla.
For organizations covered by regulations such as PCI DSS, HIPAA, the Gramm-Leach-Bliley Act and, soon, the European Union General Data Protection Regulation, the trends pose enormous compliance headaches. The distribution of data and the many ways in which it can be accessed has made handling data protection risks especially challenging.
At the same time, many companies have network-level security models that prevent their security teams from transitioning to data-level controls. In this issue of Information Security magazine, we look at data-centric security models and better ways to manage data protection risks.
Continue Reading -
News
29 Sep 2017
Deloitte hack compromised sensitive emails, client data
News roundup: During the Deloitte hack, attackers had access to client data and internal email servers. Plus, the U.S. asks China not to enforce its Cybersecurity Law, and more. Continue Reading
By- Madelyn Bacon, TechTarget
- 28 Sep 2017
-
Podcast
21 Sep 2017
Risk & Repeat: Equifax data breach fallout continues
In this week's Risk & Repeat podcast, SearchSecurity editors continue discussing the Equifax data breach and examine new details about an Apache Struts flaw tied to the attack. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
15 Sep 2017
Symantec Data Loss Prevention: Product overview
Expert Bill Hayes checks out the Symantec Data Loss Prevention suite, featuring an architecture consisting of content-aware detection servers, endpoint agents and unified management. Continue Reading
By -
News
13 Sep 2017
Equifax breach response deemed insufficient in multiple ways
Experts criticized the Equifax breach response as insufficient, given the size and scope of the data loss, and they said the company was likely not prepared for such an incident. Continue Reading
By- Michael Heller, TechTarget
-
Podcast
13 Sep 2017
Risk & Repeat: Equifax data breach response called into question
In this week's Risk & Repeat podcast, SearchSecurity editors tackle the massive Equifax data breach and how the credit bureau's response to the security incident is creating more problems. Continue Reading
By- Rob Wright, Senior News Director
-
News
08 Sep 2017
Equifax breach exposes 143 million consumers' personal data
A massive Equifax breach, which was discovered in July, exposed the personal information, including names, birth dates and Social Security numbers, of 143 million Americans. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 Aug 2017
NotPetya ransomware impact costs Maersk hundreds of millions
Danish shipping giant A.P. Moller-Maersk said the NotPetya ransomware attacks severely damaged business processes and the impact has been estimated at as much as $300 million in lost revenue. Continue Reading
By- Michael Heller, TechTarget
-
Security School
17 Aug 2017
CISSP Domain 2: Asset security
This Security School will help prepare you for Domain 2 of the CISSP exam, providing overviews of data encryption methods, data ownership concepts and asset protection. Continue Reading
-
Tip
08 Aug 2017
Why data fidelity is crucial for enterprise cybersecurity
Cybersecurity teams can't be effective if they don't trust their data. Expert Char Sample explains the importance of data fidelity and the threat of cognitive hacking. Continue Reading
By- Char Sample, ICF International
-
Answer
07 Aug 2017
How did flaws in WhatsApp and Telegram enable account takeovers?
Flaws in WhatsApp and Telegram, popular messaging services, enable attackers to break encryption and take over accounts. Expert Michael Cobb explains how the attacks work. Continue Reading
By -
Answer
04 Aug 2017
Could the WannaCry decryptor work on other ransomware strains?
Researchers created WannaCry decryptor tools after the outbreak of the ransomware. Expert Matthew Pascucci explains how the tools work and if they work on other ransomware. Continue Reading
-
Podcast
28 Jul 2017
Risk & Repeat: Why are Amazon S3 buckets spilling on the web?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the series of enterprise data leaks through misconfigured Amazon S3 buckets and what should be done about them. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
25 Jul 2017
ASLR side-channel attack: How is JavaScript used to bypass protection?
Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how JavaScript code is used in the attack. Continue Reading
By -
Guide
21 Jul 2017
What data loss prevention systems and tactics can do now
Setting up systems to preventing data loss is a must for companies of all sizes. Learn the basics of and what's new in data loss prevention and how to keep your DLP system humming. Continue Reading
-
Tip
20 Jul 2017
Tools to transfer large files: How to find and buy the best
Need to transfer files within headquarters or between branches? Managed file transfer tools now offer some interesting new features. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
18 Jul 2017
Another AWS data leakage due to misconfiguration
Dow Jones becomes the latest organization to be affected by an AWS cloud data leakage due to misconfiguration and user error. Continue Reading
By- Michael Heller, TechTarget
-
News
14 Jul 2017
AWS S3 bucket leak exposes millions of Verizon customers' data
News roundup: An AWS S3 bucket leak containing personal data of millions of Verizon customers was exposed to the public. Plus, DNC hack victims are suing the Trump campaign, and more. Continue Reading
By- Madelyn Bacon, TechTarget