Web Security

Securing Your Website to Protect Brand Reputation

Customers are doing more and more business online. Nearly 80% of the U.S. population shops online and half bank online. However, websites are constantly under attack. 71% of consumers feel it is up to the online stores to ensure the protection of their information, making website security a top priority for many businesses.

Detect ransomware before it's too late with AlienVault USM

By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network.

Russia moves to block Wikipedia, HTTPs stands in the way

Russia moves to block Wikipedia, HTTPs stands in the way

By

Internet service providers in Russia were ordered to block access to Wikipedia but efforts have been thwarted by HTTPs.

Hacking number one consumer fear, others not worried: Kaspersky Labs

Hacking number one consumer fear, others not worried: Kaspersky Labs

By

A Kaspersky Labs study found some consumers are tremendously worried about hacking and malware, while almost half are not concerned at all and others simply believe they are not of interest to cybercriminals.

Pastor set free on bail following charge in global hacking ploy

Pastor set free on bail following charge in global hacking ploy

By

A pastor and former Morgan Stanley VP charged by federal prosecutors as "the linchpin of a sprawling financial and hacking conspiracy" is free on $2 million bail.

Hacked, shuttered online photo print centers could prove costly to consumers, retailers

Hacked, shuttered online photo print centers could prove costly to consumers, retailers

By

As six major retailers spanning the U.S., Canada and the U.K. enter the second month of having their online photo print operations shuttered by hackers, industry analysts say the damage to consumers and the retailers could be significant in both data and dollars.

WordPress 4.2.4 released, includes fixes for a variety of flaws

By

WordPress released a security update to address several vulnerabilities that existed in all previous versions.

Before the kill chain: What attackers are doing and how you can spot them

What if you could uncover the infrastructure attackers are staging and identify threats BEFORE the kill chain begins?

Senators introduce bill to expand DHS oversight of federal .gov domain

By

A bipartisan group of senators introduced legislation, that would increase the Department of Homeland Security's role in protecting federal the .gov domain.

TerraCom, Yourtel America fined $3.5M for storing customer data on unsecured severs

By

TerraCom and Yourtel America have been ordered to pay a $3.5 million in civil penalties to the FCC for failing to adequately store customer data.

'Prized' app developers banned from distributing malware in FTC settlement

'Prized' app developers banned from distributing malware in FTC settlement

By

The Federal Trade Commission banned app developers Equiliv Investments and Ryan Ramminger from creating and distributing malware after their "Prized" app commandeered consumer devices to mine digital currency.

Is the password dead? Not just yet.

Mark Twain once said, "The report of my death was an exaggeration." Can the same be said for the password?

Understanding SSL/TLS best practices and application protection

Websites are under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.

Study: 15-30 percent of eCommerce site visitors infected with CSIM

Study: 15-30 percent of eCommerce site visitors infected with CSIM

By

Startup security company Namogoo says that 15-30 percent of eCommerce site visitors are infected with client side injected malware (CSIM).

Microsoft deems Ask.com toolbar malware, will automatically remove

Microsoft deems Ask.com toolbar malware, will automatically remove

By

Earlier versions of the Ask.com toolbar will meet the same fate as other programs with browser search protection functionality.

Practical security control mapping for financial services organizations

According to Accenture's 2015 Global Risk Management Study, financial services and banking executives view cyber & IT risk as their top risk area over the next two years.

Remediate before it's too late

With mega breaches springing up one after another, many industry players have registered both disbelief and awe at the sheer numbers of individual credentials stolen.

Who goes there?: Tor Project

Who goes there?: Tor Project

By

Misperceptions about Tor - and who is using it - are preventing its wider acceptance, says security researcher Runa Sandvik. Adam Greenberg reports..

Talk therapy: Information sharing

Talk therapy: Information sharing

Companies benefit by communicating with each other about the attacks they've incurred, reports Jesse Staniforth.

Music streaming service Gaana offline after hacker exposes user database flaw

By

The website for the Indian streaming service was still down as of Thursday afternoon EST, but Gaana says that the vulnerability is patched.

SEA hacks Washington Post mobile site

By

Back in 2013, the Syrian Electronic Army (SEA) hacked The Washington Post's site, redirecting visitors to hacker-controlled pages.

Distil Networks 2015 Bad Bot Report: 5 high-risk lessons

Distil Networks has produced their annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks-- and there are serious implications for anyone responsible for securing their web infrastructure.

Ad network compromised to redirect users to Nuclear EK, install Carberp

Ad network compromised to redirect users to Nuclear EK, install Carberp

By

Attackers targeted a server operated by New Jersey-based advertising network, Mad Ads Media, in order to redirect users to an exploit kit.

Sign on the digital line: Case study

Sign on the digital line: Case study

By

Biopharma companies need a secure digital signing infrastructure. SureClinical found an answer for them, reports Greg Masters.

Hinkley to replace founder Grossman as WhiteHat CEO

By

After more than a year with company founder Jeremiah Grossman serving as interim CEO, WhiteHat has selected Craig Hinkley to fill the top spot.

Key security insights for 2015

It's clear that cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks.

Citizen Lab says 'Great Cannon' tool allowed DDoS against GitHub, GreatFire.org

By

Researchers described "Great Cannon" as China's latest internet censorship tool.

Google says it will no longer trust digital certs issued by CNNIC

Google says it will no longer trust digital certs issued by CNNIC

By

Google made the decision after investigating a security incident in which digital certs were "misissued."

F5 Networks opens new security operations center

By

5 Networks opened the doors to its new security operations center (SOC) facility at its Seattle headquarters today.

Taming the third-party threat: Application security

Taming the third-party threat: Application security

By

The challenge for security practitioners is to make the mobile ecosystem more trustable, reports Alan Earls.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US