Security Wire Weekly


August 16, 2012  2:59 PM

How diligent user account security thwarts password recovery attacks

Eric Parizo Eric Parizo Profile: Eric Parizo

The recent CloudFlare hack showed how poor user account security and password recovery can be compromised. Learn how to avoid a similar incident.

August 8, 2012  2:38 PM

Adam O’Donnell on antimalware evolution at Black Hat 2012

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Adam O’Donnell of Sourcefire talks about the future of antimalware. Malware analysis tools are improving, but enterprises need to invest in forensics teams to better understand emerging threats. Antivirus vendors face the daunting challenge of adapting mobile platforms, O’Donnell says. Mobile will draw more cybercrime when attackers find it a worthwhile investment, he said.


August 3, 2012  7:15 PM

Surviving cyberwar, Preparing for APTs, Stuxnet malware-style attacks

Eric Parizo Eric Parizo Profile: Eric Parizo

In the wake of the Stuxnet malware being documented as the most significant example of a nation-state cyberattack to date, expert Nick Lewis discusses how enterprises concerned with surviving cyberwar can begin making preparations.


July 17, 2012  10:51 PM

Black Hat 2012 hackers to pick apart mobile

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

The SearchSecurity editorial team preview some of the mobile sessions at the 2012 Black Hat Briefings in Las Vegas. Researchers will be picking apart all the major mobile platforms, NFC payment technology, and uncovering weaknesses in cellular architectures. Apple will speaking publicly for the first time about its security processes.

//


July 13, 2012  4:15 PM

Trey Ford on Black Hat 2012 security conference

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Security expert Trey Ford talks about the upcoming the Black Hat security conference. Ford is general manager of Black Hat 2012.


July 5, 2012  1:22 PM

Joe Stewart on Flame malware, botnet sophistication

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Flame was designed as a monolithic framework to enable people to carry out attacks without having deep knowledge of software coding or the way malware works, said Joe Stewart, director of malware research at Dell Secureworks.

//


June 11, 2012  9:00 PM

Demystifying nation-state attacks and their impact

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Jim Lewis of CSIS and Stephen Cobb of ESET join the SearchSecurity team in a discussion about the impact that nation-state attacks have on the security industry and the way businesses secure their systems. Stuxnet, Flame and Duqu are being linked to state-sponsored cyber activities, but the real threat may come from cybercriminals who follow no rules of engagement and are difficult to control.


May 24, 2012  7:44 PM

P2P encryption for mobile is not an endorsement, says PCI Council

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

The PCI Security Standards Council recently urged merchants to use certified point-to-point encryption hardware when swiping credit card payments with a mobile device. But Bob Russo, general manager of the PCI SSC insists that the PCI Council is not endorsing the technology. In this interview, Russo discusses the state of the PCI special interest groups (SIGs) and addresses why no Mobile SIG exists.


May 8, 2012  7:11 PM

Costly business logic flaws require manual testing

Robert Westervelt Robert Westervelt Profile: Robert Westervelt
Security

Business logic flaws are costly to detect but even more costly if they are exploited, says application security expert Dan Kuykendall, CTO of NTOBJECTives Inc. Manual testing can detect the issues before cybercriminals can take advantage of the flawed functionality.


April 25, 2012  8:40 PM

2012 Verizon DBIR lessons overshadowed by hype

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

In this edition of Security Squad, the editors discusses the 2012 Verizon DBIR findings that have been hyped and misconstrued and why only 8% of organizations make a breach discovery with internal technologies. Also, a discussion on how the message delivered at a recent conference by several security luminaries fell flat.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: