Security News & Reviews

More Security News

Google Content Security Policy

How Google Is Using Content Security Policy to Mitigate Web Flaws

|
Google outlines approach it has taken to help mitigate risks from Cross Site Scripting (XSS) web flaws, by using Content Security Policy.
Facebook privacy

Facebook Fumbles More Passwords as Security Missteps Continue

|
NEWS ANALYSIS: Facebook revises the impact of its March 2019 password disclosure security incident to include "tens of millions" of Instagram users, highlighting the continued challenges the social media giant faces to keep user information secure.
HPI.sure.view.elitebook

Why HP Has Taken the PC Security Lead

| Updated
PRODUCT ANALYSIS: In its new PCs, HPI has blended elements that are typically focused on consumers, such as Apple-like designs, with features that normally target only corporate users—such as security—across their lines.
Oracle

Oracle Patches 3-Year-Old Java Deserialization Flaw in April Update

|
Oracle releases its second critical patch update set for 2019, patching a total of 297 issues spread across its software portfolio, though one issue in particular could be more critical for users to patch.
Cisco Talos Sea Turtle

Nation-State Attackers Exploiting DNS at Scale, Cisco Reports

|
A nation-state backed group of attackers that Cisco Talos is identifying as Sea Turtle, have been actively exploiting domain name information, by going after domain registries for entire countries.
Blackberry CTO Charles Eagan

How BlackBerry Has Become a Cyber-Security Player VIDEO

|
eWEEK VIDEO: BlackBerry CTO Charles Eagan explains where his company's cyber-security efforts are headed and why, after 35 years and many technological changes, BlackBerry is fundamentally on the same mission.
cloud-based security

Microsoft's Cloud Email Breach Is a Cause for Concern

|
NEWS ANALYSIS: Potentially millions of Microsoft email users on Outlook, Hotmail and MSN mail had their email information exposed after a Microsoft support person was breached, exposing a wider issue of risks that cloud services represent.
Zeus.chart.Accelerate

Key Lessons Learned at Fortinet’s Accelerate Event

|
SECURITY TREND ANALYSIS: The security industry is evolving faster than ever before. Fortinet’s Accelerate event highlighted several major trends taking place.
Imperva DDoS Ping

How HTML5 Ping Is Used in DDoS Attacks

|
Imperva discovers a new attack in which hackers abused a commonly used HTML5 attribute to launch a DDoS attack that generated 70 million requests hitting a target website in a four-hour span.
IBM cyber-resilience

Cyber-Security Incident Response Plans Lacking, IBM Reports

|
eWEEK DATA POINTS: IBM Security and the Ponemon Institute asked global IT executives what they do to keep their organizations cyber-resilient and discovered interesting insights about the state of modern cyber-security.
Personal.hacks

The Big Personal Hack That Almost Happened

|
SECURITY PERSPECTIVE: Fortunately I happened to be at my computer when somebody tried to take over my social media accounts, and I caught them in the act. But the story doesn’t end there.
Google Next Security

Google Boosts Cloud Security, Transparency and Identity

|
At Google Next, new and enhanced services debut to provide organizations with improved visibility and control over cloud resources, to help limit potential security risks.
Tenable Verizon

Tenable Discloses Verizon Fios Router Vulnerabilities

|
Verizon is now in the process of updating millions of routers to help protect users against a series of vulnerabilities that could have potentially enabled exploitation.

Enterprise Tech Videos