Data Protection

Data Protection news, analysis, research, how-to, opinion, and video.

ransomware hardware security embedded circuit board integrated controller
malware attack cyberespionage code hacker

beach tide summer sand

Passwords: A long goodbye

There is no debate about the reality that passwords are a “fundamentally broken” method of authentication. But it is still expected to take time – likely years – for the replacement model to become mainstream.

01 holes

Tips on where to start in managing risk

What is risk management? Anytime you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. Traditional approaches and controls are no longer good...

cyber justice

Think employers must protect workers’ personal info? Think again

Pennsylvania says workers can’t collect damages from their employer if things like Social Security numbers, bank account information, birth dates, addresses and salaries are compromised in a data breach.

backlit keyboard

How to handle security vulnerability reports

There are people out there willing to help with your company’s security issues. Isn’t it time your company had its own ‘see something, say something’ policy?

01 detection

When real-time threat detection is essential

There are times when an organization will be especially vulnerable if they don’t have real-time detection capabilities, and in preparation for these events it’s a good idea to reevaluate tools and strategies. Mike Paquette, director...

security code big data cyberespionage byte

After MongoDB, ransomware groups hit exposed Elasticsearch clusters

After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the Internet and are not properly secured.

putin22

Report on Russian hacking leaves many questions unanswered

Security experts have been pouring over the Joint Analysis Report released two weeks ago by the Department of Homeland Security and the Federal Bureau of Investigation, but there isn't enough detail in the public document to help...

fnb south africa

South African bank tells its tale of battling ransom attacks

In November of 2015, a bank in South Africa received a typical ransom email from the Armada Collective, which was quickly followed by a teaser flood attack that the bank proactively mitigated. Sort of a shot across the bow to make...

code hacker cyberespionage eye data

Disk-wiping malware Shamoon targets virtual desktop infrastructure

A cyber sabotage program that wiped data from 30,000 computers at Saudi Arabia's national oil company in 2012 has now returned and is able to target server-hosted virtual desktops.

iphone touchid panic button

Protecting your data, protecting yourself: A first installment

Suppose you're a dissident. How do you keep your data safe on your iPhone, iPad, and Mac, not to mention online? Glenn Fleishman explains, in the first of a series.

1 bullet

5 reasons why Web gateways aren’t bulletproof

Like the threat landscape itself, web gateways have changed over the years. Today, web gateways do much more than enforce regulatory compliance and HR policies – organizations rely on web gateways to thwart internet-borne threats....

HP HPE media gallery image 1

Dangerous assumptions that put enterprises at risk

Trusting that the solutions won't fail and users won't click could lead to a breach

cloud security challenges 2

What to do when your network is wide open

How can you enforce internal policies and industry compliance mandates when there’s no longer an identifiable network perimeter?

swift banking euros

SWIFT speaks on fraudulent messages and the security moves the cooperative is making to assist its customers

SWIFT is using a multipronged approach to address interbank messaging fraud.

eyeing big data in the cloud

Will the cloud be a safe haven for data in 2017?

Experts offer differing opinions on where cloud security is headed.

ransomware data laptop

Exposed MongoDB installs being erased, held for ransom

Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped...

resolution primary

‘I will eliminate passwords’ in 2017

Like anyone else, security experts set up resolutions they hope to conquer in the new year. Now the question will remain, will they be able to follow through on them or -- like that diet people promised to hold to – will they go back...

nup 173075 0006

Donald Trump offers cybersecurity warning: 'No computer is safe'

Donald Trump showed off his IT security credentials at a New Year's Eve party, suggesting that the best way to keep secrets from hackers is a huge air gap.

Load More