Software Vulnerabilities September 27, 2016 Shellshock Anniversary: Major Security Flaw Still Going Strong 5 min read - As if to celebrate its two-year anniversary, Shellshock, one of the most infamous bugs of 2014, ramped up its activity in September.
Fraud Protection September 24, 2015 Authentication: The Enterprise’s Weakest Link 3 min read - Many organizations struggle to find the right authentication methods for their employees and needs, but they can ill afford to let malpractice continue.
August 20, 2015 LinuxCon: CII Program Will Give Badges to Open Source Projects With Strong Security 2 min read - Open source projects have gotten a bad rap in security circles thanks to Heartbleed and other flaws, but an industry consortium may change that.
August 18, 2015 Insecure Configuration of MongoDB, Other Databases Could Be Leaking Information 2 min read - A recent report suggested poor configurations of MongoDB, Redis and similar database products may be exposing data to cybercriminals.
June 15, 2015 New OpenSSL Releases Clear Logjam, Target Minor Flaws 2 min read - Multiple new OpenSSL releases finally clear the Logjam flaw and address other low-to-moderate vulnerabilities plaguing the encryption software.
Software Vulnerabilities March 25, 2015 Made for Headlines: Do Designer Vulnerabilities Compromise Security? 3 min read - As vulnerabilities are now branded with catchy names and logos, security researchers should be careful not to compromise the responsible disclosure process
Software Vulnerabilities February 23, 2015 2014: The Year That the Internet Fell Apart 2 min read - A session at IBM InterConnect will discuss the vulnerabilities that rocked the Internet in 2014, such as Heartbleed and Shellshock, and what may come next.
Application Security December 26, 2014 The Responsible Disclosure Policy: Safeguard or Cybercriminal Siren Song? 3 min read - Having a responsible disclosure policy is the best way to communicate software vulnerabilities to the public. However, is this doing more harm than good?
CISO December 23, 2014 Failure to Plan Is a Plan for Failure When It Comes to Security 3 min read - With major security events happening in 2014, including Heartbleed and Sony's hack, what can companies do to plan ahead and protect themselves from hacks.
November 4, 2014 Security Leaders Claim Most Sites Using Drupal Have Been Hacked 2 min read - A flaw in the Drupal content management system may affect many websites, but security leaders have released some steps to help mitigate the risk.