Cybersecurity

With billions of dollars of federal contracts at stake, information technology providers are being swept up in the tide of a new U.S. Department of Defense information security requirement that will become mandatory for IT providers and other companies doing business with DoD. While IT companies alr...

For most organizations, COVID-19 has been a literal transformative agent. Our organizations have almost overnight gone from environments where teleworking was an exception, to where it's the norm. As any student of human nature will tell you, people tend to view "the new" with reservation. There's a...

Twitter had a data security problem last week that might sound trivial. Email addresses, phone numbers, and the last four digits of the credit cards used to buy ads on Twitter were left in browser cache after the transaction, and that cache was not secured. This may seem trivial, but the consequence...

Open-source software is becoming much more commonplace within organizations, bringing a different set of risks and perceived challenges compared to closed source or proprietary software. The Information Security Forum has released a report to help security professionals recognize the benefits and pe...

Twitter on Tuesday notified business clients that their personal information, including email addresses, phone numbers, and the last four digits of their credit card numbers may have been compromised. Self-serve advertisers that viewed billing information on ads.twitter.com or analytics.twitter.com ...

The next generation of Intel mobile processors will include malware protection built into the chip. The protection, provided by Intel's Control-Flow Enforcement Technology, will first be available in the company's "Tiger Lake" mobile processors. CET is designed to protect against the misuse of legit...

Two separate teams of academic researchers have published papers describing flaws in Intel's Software Guard Extensions. SGX enhances application security by letting developers partition sensitive information into enclaves with hardware-assisted enhanced security protection. The aim is to protect app...

U.S. government agencies and cloud technology providers are heading toward a reset in how they cooperate on cybersecurity challenges. The expected growth of cloud use will create a more complex federal security landscape, according to a recent report from Thales Group. Federal agencies actually have...

Category 2 adversaries are nothing to sneeze at, but their resources are finite. If you armor up enough, they will give up, and move onto an easier comparable target. In confronting the threat of category 3, everything you have learned ratchets up to a whole new level of paranoia. Category 3 adversa...