Several months back I was updating our vulnerability scanner checks for various Solarwinds products. As I added a detection script for a product called Log and Event Manager (LEM), I realized that there were really no significant publicly disclosed vulnerabilities for it. This spurred me to download their trial, which comes as a virtual appliance, and look for some flaws. After initially setting...

Last month the Ponemon Institute released its annual Cost of Cybercrime report covering damages from cybercrimes in the past year. Here are some of the key findings.

Title: DDIVRT-2015-55 SolarWinds Log and Event Manager Remote Command ExecutionSeverity: HighDate Discovered: August 15, 2015Discovered By: Chris Graham @cgrahamsevenVulnerability Description:SolarWinds Log and Event Manager (LEM) is vulnerable to an Extensible Markup Language (XML) external entity injection through the agent message processing service. This service listens on TCP port 37891....

File fingerprinting, also known as data fingerprinting or document fingerprinting, is a technique employed by many network data loss prevention solutions for identifying and tracking data across a network. Read on to learn more about fingerprinting and the security benefits of a DLP solution with data fingerprinting capabilities.

Learn about common uses for network data loss prevention solutions, from insider threat protection to compliance.

Learn how public key cryptography works as well as common uses for this cryptographic method.

As we near the last quarter of 2015, here’s a look at the four of the year’s top trends in cybersecurity (so far).

Get a definition of content inspection and learn how content inspection technology plays a key role in data loss prevention and regulatory compliance.

We asked a panel of data security professionals to provide expert recommendations for hiring MSSPs. See what the experts had to say.

Six steps for effective incident response.

If your organization is required to comply with the Payment Card Industry-Data Security Standard (PCI-DSS), particularly Requirement 11, then you are likely familiar with the problems plaguing SSL, early TLS (i.e. TLSv1.0) and their supported ciphers over the past several months. High profile vulnerabilities such as HeartBleed, POODLE, FREAK and LogJam have sent merchants scrambling to patch...

NIST is a key resource for technological advancement and security at many of the country’s most innovative organizations. As such, compliance with NIST standards and guidelines has become a top priority in many high-tech industries today.

Recently in Arstechnica.com there was an article bringing light to how Windows computers can be exploited when booby-trapped USB fobs are inserted into the machine that then executes malicious code.Microsoft has acknowledged this and released a security bulletin regarding the issue stating, “To exploit the vulnerability, an attacker would have insert a malicious USB device into a target system.”So...

Distributed denial of service attacks are IT teams' worst nightmare - but they may be the least of your problems, experts say.

The Stagefright vulnerability puts millions of Android users at risks - learn how to protect your Android device from infected text messages.

We asked 34 data security experts how companies can best communicate the security risks associated with file sharing and cloud storage to employees - see what the experts had to say.