Stories by Tim Greene

Of five major industries examined by BitSight - finance, retail, healthcare, energy/utilities, government and education – education is hit by ransomware at a much higher rate than the others.

Sophos is coming out with Intercept X, its new name for endpoint protection that’s based on technology acquired when it bought SurfRight last year to broaden its endpoint strategy.

Enterprises should expect business as usual from RSA in the wake of its being swept up by Dell this week in the largest tech deal ever, with company executives saying it will retain a good deal of autonomy to carry out its strategic plans.

Intel is going to spin out its subsidiary Intel Security as a joint venture with investment firm TPG, redubbing the new entity with its old name – McAfee.

Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others.

A pair of former defense cyber security contractors is launching IDVector, a service that creates encrypted connections through an anonymizing network to shield users’ identities and locations and to protect their machines from internet-borne attacks.

Application layer DDoS attacks are becoming more common, perhaps because they cost less for malicious actors to execute and can more effectively evade defenses than network layer attacks, Imperva says.

Customers of Cisco and Fortinet security gear need to check that their versions of specific devices are patched against exploits patch exploits made public this week as a result of a purported hack of NSA malware.

A public auction of stolen NSA malware may be a warning to the U.S. that blaming Russia for the hack of the Democratic National Committee could have dire consequences, says Edward Snowden, who also famously breached NSA security.

RiskSense, software-as-a-service that evaluates the security of corporate networks and generates a risk score, has been self-financed since its launch last year, but now has harnessed venture funding to help boost its R&D and hire marketing and sales staff.

Using AWS’s API software developer’s kit or its command line interface, customers can write their own tools for imaging disk instances that have been compromised, say Andrew Krug and Alex McCormack. The pair if researchers presented four tools at Black Hat 2016 that they wrote specifically to deal with incident response in AWS.

The Federal Trade Commission made an appeal at DEF CON in Las Vegas this past week in hopes of getting hackers to help them crack down on manufacturers and service providers that leave customers vulnerable.

One of the most popular models for analyzing cyberattacks doesn’t focus enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas.

Cyber-reasoning platform Mayhem pulled down the $2 million first prize in a DARPA-sponsored Cyber Grand Challenge competition that pitted entrants against each other in the classic hacking game Capture the Flag, never before played by programs running on supercomputers.

USB keys were famously used as part of the Stuxnet attack on the Iranian nuclear program and for good reason: it’s got a high rate of effectiveness, according to a researcher at Black Hat 2016.