Home > RSS Feeds > Security
  • The critical open-source hypervisor used by major public cloud providers now enables live patching and incorporates other new features.

  • The United States and the European Union agree to modify their data transfer pact, but what now for the United Kingdom?

  •'s lead information security engineer discusses container security at DockerCon 16.

  • After snapping up Secure Islands last year, Microsoft debuts a data security technology that follows enterprise data wherever it roams.

  • Citrix officials say no sensitive personal data was exposed or services impacted during what they called a "very sophisticated password attack."

  • Ransomware attacks are on the rise—more than 4 million examples of ransomware were identified in the second quarter of 2015, and that number is expected to increase throughout 2016. The result: Many organizations are feeling helpless, wondering how to reduce their vulnerability. These incidents can leave organizations flat-footed and defenseless, with little option but to pay up or lose access to sensitive data. However, the solution to ransomware is simple: A solid backup, even one made a few days before the ransom software is run, can be a sure-fire way to prevent your data from being held hostage, escalating to mission-critical stoppages. The key is to make backup highly efficient and unnoticeable to end users, such that they are being protected without even knowing it. This eWEEK slide show, based on information from Druva executives, as well as the company's white papers, provides six simple steps you can leverage for a robust backup plan. Following these steps will ensure you have a rock-solid backup routine in place. In case a network or end user is compromised, your team will be less vulnerable and less likely to be forced to meet an attacker's onerous demands. Rather, your team can take a defensive posture and quickly restore data from time-indexed copies.

  • Cyber-criminals have already shifted to another ransomware program, CryptXXX, but researchers continue to puzzle over why TeslaCrypt's operators gave up their encryption keys.

  • VIDEO: Gus Robertson, CEO of NGINX, discusses his firm's latest technology and what's coming next.

  • Two more cyber-security firms report finding evidence linking the Democratic National Committee's server breach to known Russian hacking groups.

  • We've known for a long while that passwords, firewalls and private networks simply aren't sufficient for tight IT security anymore. It's all too easy for even a semi-sophisticated cyber-criminal to scan for passwords and find back doors into personal and business data that, sooner or later, amount to illicit money in the thief's bank account. Thus, the race is on to develop workable alternatives, with behavioral biometrics one of the more promising ones. Behavioral biometrics is an additional layer of security that provides seamless, continuous user authentication. It works by collecting and evaluating a mix of behavior patterns, such as the way we move our hand on a mobile device screen or with a mouse, to create advanced behavioral algorithms to establish a user's profile. The next time that person uses the service, the technology will rate current interactions against his or her profile and provide a recommended action to allow, challenge or block access to the account. These patterns are monitored and analyzed continuously—and frictionlessly, in the background—to provide continuous account protection. What makes behavioral biometrics so intriguing is that it's virtually impossible to imitate another person's behavior precisely, unlike static biometrics (fingerprint, retina, etc.), which can be stolen and reused. For this slide show, eWEEK worked with Radiant Insights, Verizon and TeleSign, a mobile identity software developer, to come up with key data points on this topic.

  • The average cost of a data breach rose to $4 million from $3.8 million in 2015, according to the 2016 Cost of Data Breach Study conducted by the Ponemon Institute and sponsored by IBM. As has been the case in all past editions of the report, the cost of data breaches continues to climb year-over-year. As the overall costs of data breaches have risen, so too has the cost for each lost or stolen record. In 2016, across all verticals on a global basis, each lost or stolen record cost $158, up from $154 in 2015. That said, the cost of a data breach and the value of lost or stolen records is not uniform and depends on multiple factors. For example, organizations that have incident-response teams can lower the cost per lost record by $16. Additionally, the report found that breaches that were the result of malicious or criminal attacks were more expensive than the overall average, costing organizations $170 per stolen record. In this slide show, eWEEK takes a look at key highlights of the 2016 Cost of Data Breach Study.

  • Google got serious about improving Android security in 2015, and this year it is increasing its payouts for security disclosures.

  • Bracket Computing's overlay networking approach uses a technology known as a metavisor to help enforce security.

  • A majority of board directors and top execs said failing to give them useful cyber-risk information would likely lead to security professionals' dismissal.

  • Portadi's machine-learning IP will automate on-board credentialing for all the apps used in the organization, saving employees and IT a lot of time.

Rocket Fuel