It's less than 10 weeks until your country's elections; do you know where your government's information warfare defenses and election security strategy are? The FBI says it's moving to counter information operations, while DHS is bolstering election security. But will it be enough?
Microsoft appears set to patch a zero-day local privilege escalation vulnerability after a researcher published proof-of-concept exploit code for the flaw. That's a relatively rare turn of events these days, owing to Microsoft's bug bounty program rules.
Industry analysts first coined the term Identity-as-a-Service, IDaaS in 2006. But today, the vast majority of IDaaS implementations still focus on the "A" - access management - leaving organizations to piece together the rest. IBM's Michael Bunyard discusses how to put "Identity" back in IDaaS.
Machine data and machine learning have the potential to connect disparate data sources, enabling better fraud detection and prevention, says Matthew Joseff of Splunk, who highlights real-world examples of fighting fraud with better data.
Too many organizations leverage advanced threat intelligence merely to detect indicators of compromise. But Brian Hussey of Trustwave wants to help them mine actionable threat intelligence to truly bolster enterprise defenses.
Unsupervised machine learning is essential to mitigate the sophisticated cross-channel fraud techniques attackers are using to take advantage of the multiple silos and security gaps at financial institutions, says ThetaRay's James Heinzman
Apache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response experts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.