Skip Links

Endpoint Security Research Center

Your source for the latest news, opinion, product comparisons and reviews of endpoint security and NAC tools.

Endpoint Security News
A vision for secure mobility management in the enterprise
There's been a lot of buzz lately about secure mobility in the enterprise, but often the focus is on just one or two aspects of the entire mobile...
How the Red Cross found its ID management groove
Red Cross CISO Suzanne Hall on the organization's monster effort to overhaul security and identity management.
Clamor for cloud apps increases corporate data breach risk
Vendor analysis of network and application traffic shows poorly managed remote access tools and traffic flowing outside port 80 are rampant.
Sykipot Trojan hijacks Department of Defense authentication smart cards
A variant of the Sykipot Trojan Horse hijacks U.S. Department of Defense (DoD) smart cards in order to access restricted resources.
Watching the watchers
While there's no single fix, a number of experts weigh-in on how to make certain those with privileged access don't abuse it.
With great privilege comes great responsibility
While additional IT privileges are part of IT management, recent incidents and a number of surveys show many organizations don't do what's...
Putting a Lock on Password Management
A cancer diagnostics firm is using a single sign-on service to secure a growing pool of SaaS subscriptions.
New Jersey charges four in identity theft cases
Prosecutors say defendants charged a little as $200 for each identity they allegedly stole.
EFF proposes new method to strengthen Public Key Infrastructure
The Electronic Frontier Foundation (EFF) is proposing an extension to the current SSL chain of trust that aims to improve the security of HTTPS and...
InfoWorld's top 10 emerging enterprise technologies
Which of today's newest shipping technologies will triumph over the long haul? Here are our best guesses
Researchers bypass the restrictions of Mac OS X default sandbox profiles
The restrictions imposed by Mac OS X generic application sandbox profiles can be easily bypassed, researchers from Core Security Technologies found.
Clouds of anxiety: Companies worry about security of cloud computing
While organizations continue to embrace cloud-computing platforms, surveys find organizations are concerned about security and their very ability to...
Amazon adds app for easier two-factor authentication
Amazon Web Services has added the option to use applications to create codes for its Multi-Factor Authentication (MFA) service, the company said on...
Ongoing drive-by download campaign hijacked MIT server
A server belonging to the Massachusetts Institute of Technology was commandeered by hackers who used it to launch attacks against other websites as...
Duqu exploits zero-day Windows kernel vulnerability to infect computers
Security researchers from the CrySyS laboratory in Hungary have located an installer for Duqu, the Stuxnet-inspired threat that has kept the security...
Researchers defeat CAPTCHA on popular websites
Researchers from Stanford University have developed an automated tool that is capable of deciphering text-based anti-spam tests used by many popular...
Researchers demo cloud security issue with Amazon AWS attack
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack...
Exploit-powered Android Trojan uses update attack
A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security...
Adobe to fix Flash flaw that allows webcam spying
Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or...
Guidance forensics tool now working with SIEM
Guidance Software today said its computer forensics tool is now capable of automated collection of data on endpoint devices, including computers and...