Dubbed 'cloudbleed' by some, the data leakage flaw potentially could have exposed data from Uber, Fitbit, 1Password and other popular online services that rely on Cloudflare.
Google's vast cloud computing infrastructure was harnessed to demonstrate that it is possible to crack the Secure Hash Algorithm-1 cryptographic function through a brute force computational methods.
The National Association of Secretaries of States adopted a resolution to oppose the designation of election systems as "critical infrastructure” by the U.S. Department of Homeland Security.
The annual RSA Conference has long been one of the premier venues for security vendors to announce and demonstrate new products and services. The 2017 edition of the RSA Conference, which took place in San Francisco Feb. 13-17, followed the historical trend with a number of vendors making announcements. RSA, now part of Dell Technologies, used its namesake conference to make a series of announcements around its new Business Driven Security strategy. Among RSA's new products is a major update to the SecurID Access portfolio that provides organizations with improved mobile and biometric options for authentication as well as security data analytics. Qualys used the conference as an opportunity to launch a pair of new services: an Indicator of Compromise (IOC) service that monitors endpoints for suspicious activities and a File Integrity Monitoring (FIM) service that logs and centrally tracks file changes. And security rating firm SecurityScorecard announced its new free Malware Grader service, helping organizations understand the risk of identified malware. Those are just a few of the many new products announced at the 2017 RSA Conference. In this slide show, eWEEK takes a look at 13 new security technologies debuting at the show.
With health care data fetching significant profits both in underground data sales and ransomware, the industry is an inviting target, but network scans indicate organizations remain vulnerable.
This year's RSA Conference, which was held Feb. 13-17 in San Francisco, saw more than 43,000 attendees show up to listen to speakers and to learn from vendors about the latest security trends, products and services. Among the annual traditions at the RSA Conference is the Cryptographers Panel, which includes Ron Rivest (the "R" in RSA) and Adi Shamir (the "S" in RSA). The cryptographers are not particularly enthusiastic about the modern state of security, with Shamir claiming that the internet as we know it is broken. Also at the conference, former U.S. National Security Agency (NSA) chief Gen. Keith Alexander talked about how the cloud can help enable a common defense for organizations of all sizes. Meanwhile at a VIP event at the RSA Conference, Michael Dell, CEO of Dell Technologies, spoke about new innovations from RSA as well his company's broader approach to securing IT assets and information. And at a number of sessions at the conference, Google detailed its approaches to both Android and Gmail security. In this slide show, eWEEK takes a look at some of the highlights of the 2017 RSA Conference.
Cisco expands its Next Generation Firewall product portfolio with the new Firepower 2100 Series, alongside new security management capabilities enabling organizations to manage security both on device hardware and from a centralized location.
VIDEO: Daniele Catteddu, CTO of the CSA, discusses the new STARWatch cloud security management SaaS application and the expansion of the Software Defined Perimeter.
VIDEO: Paul Paget, CEO of Pwnie Express, discusses how his firm is growing thanks in part to increasing concern about the expanding scope of internet of things device risks, like Mirai.
NEWS ANALYSIS: "Operation BugDrop" malware stealthily infects computers and turns on the onboard microphone to gather audio files, which it exports to Dropbox files for retrieval and analysis.
The diversity of agencies and systems and a lack of expertise in state and local governments mean that attackers can often easily target their systems successfully.
VIDEO: What happens to IoT user accounts in the cloud when a device or even a car is sold? According to new research from IBM Security, revocation of old users isn't happening, exposing a major new risk.
NEWS ANALYSIS: It is quite possible that there is no such thing as personal data privacy anymore--especially when it comes to video.
Though there was at least one successful high-profile phishing attack against a Gmail user in 2016, Google is aggressively defending its millions of Gmail users.
Pretending to be a willing dupe can help security firms identify and shut down the bank accounts used by scammers, turning the tables on attackers.