homepage
Open menu Go one level top
  • Train and Certify
    • Get Started in Cyber
    • Courses & Certifications
    • Training Roadmap
    • Search For Training
    • Online Training
    • OnDemand
    • Live Training
    • Summits
    • Cyber Ranges
    • College Degrees & Certificates
    • NICE Framework
    • DoDD 8140
    • Specials
  • Manage Your Team
    • Overview
    • Group Purchasing
    • Why Work with SANS
    • Build Your Team
    • Hire Cyber Talent
    • Team Development
    • Private Training
    • Security Awareness Training
    • Leadership Training
    • Industries
  • Resources
    • Overview
    • Reading Room
    • Webcasts
    • Newsletters
    • Blog
    • Tip of The Day
    • Posters
    • Top 25 Programming Errors
    • The Critical Security Controls
    • Security Policy Project
    • Critical Vulnerability Recaps
    • Affiliate Directory
  • Focus Areas
    • Blue Team Operations
    • Cloud Security
    • Digital Forensics & Incident Response
    • Industrial Control Systems
    • Leadership
    • Offensive Operations
  • Get Involved
    • Overview
    • Work Study
    • Teach for SANS
    • Partnerships
    • Sponsorship Opportunities
    • Join the Community
  • About
    • About SANS
    • Instructors
    • Mission
    • Initiatives
    • Diversity
    • Awards
    • Contact
    • Frequently Asked Questions
    • Customer Reviews
    • Press
  • Log In
  • Join
  • Contact Us
  • SANS Sites
    • GIAC Security Certifications
    • Internet Storm Center
    • SANS Technology Institute
    • Security Awareness Training
  • Search
  1. Home >
  2. Press >
  3. SANS in the News

SANS in the News

  • TechBeacon: Go beyond policy: 5 keys to data protection compliance
  • Security Week: Hackers Scanning for Citrix Systems Affected by Recent Vulnerabilities
  • Dark Reading: Attackers Scan for Vulnerable BIG-IP Devices After Flaw Disclosure
  • Help Net Security: Better cybersecurity hinges on understanding actual risks and addressing the right problems
  • CIO Dive: Technology training, certifications demand withstands pandemic slump
  • Dark Reading: Cybercrime Infrastructure Never Really Dies
  • Fox News: Sextortion is evolving during the coronavirus pandemic, report says
  • SC Media UK: Early launch today for government-backed cyber training as students go online
  • CNN Business: Virtual cybersecurity school teaches kids to fix security flaws and hunt down hackers
  • Dark Reading: Securing Your Remote Workforce: A Coronavirus Guide for Businesses
  • infosecurity magazine: SANS Offers Free Kit to Secure Home Workers
  • ZDNet: Free resource to help parents keep kids safe online as schools move to eLearning
  • The Daily Swig: Coronavirus response: How security certification and training orgs are tackling the global disruption
  • infosecurity magazine: SANS: Gender Still Biggest Challenge for Many Women in Cyber
  • CSO: How to write an effective information security policy
  • Data Center Knowledge: Palo Alto Partnership May Boost Confidence in Google Cloud’s Chronicle
  • The Washington Post: The Cybersecurity 202: Americans should not be confident about security of 2020 election, experts say
  • Security Boulevard: More CEOs Ditching Social Media Over Security Concerns
  • CSO: 9 CCPA questions every CISO should be prepared to answer
  • SearchSecurity: CISOs face a range of cybersecurity challenges in 2020
  • CSO: Winning the war for cybersecurity talent
  • SearchCompliance: Lack of data visibility obstructs value, storage costs and compliance
  • dvids: For the Army and DoD there are no 'losers' at SANS NetWars
  • CSO: Short on security expertise? You can still choose the right solutions
  • infosecurity magazine: Festive Virtual Hacker Conference Returns
  • CSO: 10 ways to kill your security career
  • infosecurity magazine: Capture the Flag Competition Aims to Trace Missing Persons
  • CSO: 5 keys to protect your supply chain from cyberattacks
  • Dark Reading: The Real Reasons Why the C-Suite Isn't Complying with Security
  • CSO: The CISO’s newest responsibility: Building trust
  • The Parallax: Harris poll backs Google plan to improve password security
  • SearchCompliance: Protect customer data with these 5 essential steps
  • Forbes: Teenage Hackers Wanted: Could Your Kid Be The Next £20M Cybersecurity Superhero?
  • SearchCloudSecurity: Research shows cloud security vulnerabilities grow
  • Forensic Focus: Interview: Lodrina Cherne, Product Manager, Cybereason
  • Dark Reading: 7 Stats That Show What it Takes to Run a Modern SOC
  • Data Center Knowledge: Why the WhatsApp Security Flaw Should Make Enterprise IT Nervous
  • infosecurity magazine: 75% of Security Awareness Pros Are Part Time
  • The Kojo Nnamdi Show: To Combat A Talent Shortage, Cybersecurity Companies Seek Diverse Candidates
  • SC Magazine: Women in Security: Women to Watch
  • Intelligent CIO: Editor’s Question: How important is cybersecurity education for young people for closing the cyberskills gap?
  • California Apparel News: Retailers Take on the Fight Against Organized Crime
  • CSO: 6 signs the CIO-CISO relationship is broken — and how to fix it
  • SearchSecurity: SANS security awareness credential paves new career path
  • Patch: Hartford: Winners Of The 2019 Girls Go Cyberstart Competition Honored
  • Dark Reading: The 2019 State of Cloud Security
  • Bank Info Security: Trump Order Aims to Boost Federal Cybersecurity Workforce
  • Dark Reading: The Cybersecurity Automation Paradox
  • CSO: Google expands cloud security capabilities, including simpler configuration
  • Dark Reading: A New Approach to Application Security Testing
  • Dark Reading: Threat Hunting 101: Not Mission Impossible for the Resource-Challenged
  • WSJ Pro: Cyber Daily: Hope, Hype and AI; Defense Department Could Get Cyber Budget Boost
  • SearchCompliance: AI cybersecurity benefits are real, but not automatic
  • EnergyWire: Pentagon to utilities: Uncle Sam wants you
  • infosecurity magazine: #RSAC: The Most Dangerous New Attack Techniques & How to Counter Them
  • BankInfoSecurity: Why CISOs Need Partners for Security Success
  • HealthITNews: RSA 2019: SANS shares top new security threats – and what to do about them
  • SecurityBoulevard: RSA 2019: Day 4 Recap: Keynote Highlights, Capture the Flag, Public Interest Tech and More
  • ITWorldCanada: Cyber Security Today - How to create corporate security awareness and a warning on nation-state attacks
  • infosecurity magazine: W. Va. Partners with SANS to Bring Girls into Cyber
  • U.S.News & World Report: 10 Ways to Keep Your Cryptocurrency Safe
  • CIO: 7 ways to ensure IT gets the credit it deserves
  • SearchHRSoftware: Attackers seek gold in HR data security breaches
  • ExecutiveGov: Gov't Launching First Employee Reskilling Academy for Cybersecurity
  • FOX8: Genealogist urges users to take consumer DNA kits with a grain of salt
  • Army.mil: Cyber Soldier attains 'most prestigious credential in the IT Security industry'
  • govloop: WHITE HOUSE LAUNCHES CYBER PROGRAM FOR NON-IT FEDS
  • fedscoop: Cybersecurity Reskilling Academy created by White House for federal employees
  • Federal News Network: Federal Cyber Reskilling Academy to retrain federal employees as cyber defense analyst
  • SearchSecurity: Is network traffic monitoring still relevant today?
  • Dark Reading: Why the CISSP Remains Relevant to Cybersecurity After 28 Years
  • Security Boulevard: Security Awareness: 5 Creative Ways to Train Employees on Cybersecurity
  • Dark Reading: Understanding SOCs' 4 Top Deficiencies
  • Forbes: Lance Spitzner: How To Secure The Human Operating System
  • CSO: What is enterprise risk management? How to put cybersecurity threats into a business context
  • CSO: 7 best practices for working with cybersecurity startups
  • Army.mil: 'Tiger Stance' focuses on realistic, state-of-the-art cyber task force training
  • InformationWeek: How Mid-Size Firms Can Overcome DevOps Challenges
  • FCW: Army cyber protection teams upgrade training with a 'real' city
  • Federal News Radio: In ‘Cybertropolis,’ Army begins to move its cyber training exercises into the physical world
  • WSJ: U.S. Officials Push New Penalties for Hackers of Electrical Grid
  • Maryland Department of Labor: Department of Labor EARN Maryland Program Recognized Nationally for Innovation, Effectiveness
  • betanews: Endpoints leave industrial IoT vulnerable... Err, what's an endpoint?
  • CSO: 5 tips for getting started with DevSecOps
  • Dark Reading: Creating a Defensible Security Architecture
  • SearchSecurity: How to use the OODA loop to improve network security
  • Security Boulevard: Language Matters When It Comes to a Data Breach
  • WSJ: The Search for Women Who Want Cybersecurity Careers
  • Harvard Business Review: Internet Insecurity
  • Forensic Magazine: Q&A: Mobile Forensics Expert Discusses Highlights of Digital Work
  • CSO: Who wants to go threat hunting?
  • FCW: China's penetration of U.S. supply chain runs deep, says report
  • infosecurity magazine: #RSAC: The Five Most Dangerous New Attacks According to SANS
  • eWeek: Security Experts Warn of New Cyber-Threats to Data Stored in Cloud
  • IT Security Guru: SANS Experts Share Five Most Dangerous New Attack Techniques
  • CIODive: RSAC: 3 key cyberthreats to watch in 2018
  • CSO: Two incident response phases most organizations get wrong
  • informationsecuritybuzz: SANS Experts Share Five Most Dangerous New Attack Techniques
  • Fifth Domain: RSA - Future cyber threats will come from inside the architecture
  • NBC News: Jobs in cybersecurity are exploding. Why aren't women in the picture?
  • USA Today: Cybersecurity – Dissecting Data
  • HelpNetSecurity: What’s new at RSAC 2018?
  • CDW: Endpoint Security Evolves to Address Smarter, Fiercer Threats
  • SearchSecurity: Secure DevOps: Inside the five lifecycle phases
  • IDGConnect: Testing the waters: The value of ethical hacking for business
  • CBR: Gov't to put new cybersecurity measures in place for smart devices
  • CNN: China has found a new way to block banned words
  • Bank Info Security: How IoT Affects the CISO's Job
  • infosecurity magazine: Microsoft Vulnerabilities Accelerate in 2017
  • AP News: Woman at Top of Her Game Seeks Girls With a Cyber-Aptitude
  • CSO: Video with Rob Lee-SANS DFIR Curriculum Lead: The people you call when you've had a breach
  • TechRepublic: How one hacker stole $226K worth of cryptocurrency from Oracle servers
  • Dark Reading: Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign
  • ArsTechnica: Oracle app server hack let one attacker mine $226,000 worth of cryptocoins
  • CSO: Oracle WebLogic hackers pick Monero mining over ransomware
  • IT World Canada: Patching Meltdown/Spectre: Take your time, or get to it fast?
  • FE News: It's Time to Go Back to Basics to Address Cybersecurity Skills Shortages
  • PaymentsSource: PayThink Users are compromising most security tech
  • isBuzzNews: SANS Cybersecurity Trends And Predictions For 2018
  • statescoop: Missouri CISO honored with national award for work in cybersecurity
  • Defense Systems: Army pushes recruiting and retaining cyber talent
  • FCW: IRS pushes back on data protection criticisms
  • Dark Reading: Getting the Most Out of Cyber Threat Intelligence
  • SearchSecurity: Considerations for developing a cyber threat intelligence team
  • SearchSecurity: Is data-centric security worth the implementation challenge?
  • information age: What is the biggest threat to data? Ransomware of course
  • The Manufacturer - UK: Cyber security in industrial control systems
  • FCW: Can the U.S. Stop Malware and Buy it at the Same Time?
  • Search Security: Security Teams Must Embrace DevOps Practices or Get Left Behind
  • Data Center Knowledge: What Europe's New Data Protection Law Means for Data Center Operators
  • Dark Reading: Adobe's Move to Kill Flash Is Good for Security
  • SearchSecurity: What tools were used to hide fileless malware in server memory?
  • Dark Reading: SIEM Training Needs a Better Focus on the Human Factor
  • Rise Up Radio San Diego - OnWard To Opportunity: Video SANS CyberTalent Program for Veterans
  • SearchSecurity Germany: ICS: Industrielle Steuerungsanlagen als Ziel von Ransomware
  • SecurityWeek: ICS Security Pros Increasingly Concerned About Ransomware: Survey
  • eSecurity Planet: How Not to Handle Incident Response: Automobile Association Exposes 117,000 Customers' Data
  • SearchSecurity: NotPetya ransomware trend moving towards sophistication
  • Threatpost: Complex Petya-Like Ransomware Outbreak Worse Than Wannacry
  • The Verge: Alexa's new calling feature means it's really time to set up two-factor authentication
  • CIO Insight: Security Awareness Programs Need Full-Time Staff
  • The Washington Post: Russia has developed a cyberweapon that can disrupt power grids, according to new research
  • SearchSecurity: How mobile application assessments can boost enterprise security
  • Dark Reading: How to Succeed at Incident Response Metrics
  • Computerworld: The top 5 mobile security threats
  • Dark Reading: Securing the Human a Full-Time Commitment
  • ZDNet: New awareness study reveals what you need for the best security programs
  • CSO: Few firms will be ready for new European breach disclosure rules, fines
  • CSO: Companies Ramp Up Recruiting Veterans as Cybersecurity Urgency Grows
  • DarkReading: 7 Steps to Fight Ransomware
  • SearchSecurity: Improving the cybersecurity workforce with full spectrum development
  • CSIS Report: IoT, Automation, Autonomy, and Megacities in 2025
  • NBC Today: US infrastructure is at ‘red alert’ for hacking, expert says
  • Dark Reading: What Your SecOps Team Can (and Should) Do
  • Austin Business Journal: 5 reasons Austin businesses should hire 'good' hackers
  • SC Magazine: Watching the detectors: Government demands
  • Signal: Girding the Grid For Cyber Attacks
  • eweek: Ransomware Heads List of 7 Most Dangerous New Cyber-Attack Techniques
  • ZDNet: The seven most dangerous attack techniques: A SANS Institute rundown
  • PCWorld: The 7 security threats to technology that scare experts the most
  • SC Magazine: Ransomware, IoT combo lead SANS list of dangerous attack techniques
  • Business News Daily: Are IoT Devices Putting Your Organization at Risk?
  • CSO: Compliance focus, too much security expertise hurts awareness programs
  • Dark Reading: How I Would Hack Your Network (If I Woke Up Evil)
  • The Agenda: Confronting Cyber Conflict: Video with Robert M. Lee
  • WSJ: Yahoo Faces SEC Probe Over Data Breaches
  • Dark Reading: The 3 C's Of Security Awareness
  • gtm: The Real Cybersecurity Issues Behind the Overhyped ‘Russia Hacks the Grid’ Story
  • CBS News: Video: Russian hacks into Ukraine power grids may be a sign of things to come
  • WSJ: Attack Crashes Nearly 1M Deutsche Telekom Internet Routers
  • Wired: SF’s Transit Hack Could’ve Been Way Worse—And Cities Must Prepare
  • Dark Reading: Time For Security & Privacy To Come Out Of Their Silos
  • tech better: Trends and Strategies in Cybersecurity: A Q&A With John Pescatore
  • SearchSecurity: Want a board-level cybersecurity expert? They're hard to find
  • SC Magazine: Watch your endpoints, says SANS whitepaper
  • Dark Reading: Why Enterprise Security Teams Must Grow Their Mac Skills
  • Dark Reading: How To Build A Strong Security Awareness Program
  • Forensic Focus: Malware Can Hide, But It Must Run
  • CSO: Cybersecurity 'ninjas' value challenges, training and flexible schedules over pay
  • HealthITSecurity: Reviewing File Transfer Protocol Healthcare Cybersecurity Risks
  • CSO: Evolving risks and business technologies shift focus in security budgets
  • CSO: Performance, management and privacy issues stymie SSL inspections, and the bad guys know it
  • CSO: Awareness training: How much is too much?
  • eSecurity Planet: How to Mitigate Fourth-Party Security Risks
  • fedscoop: EPA releases limited summary of cybersecurity report
  • fedscoop: Interior falls short in logical access control standards - report
  • The Parallax: How to Send Money Securely
  • MotherBoard: What Are the Risks of Hacking Infrastructure? Nobody Really Knows
  • SearchSecurity: How InfoSec professionals can improve their careers through writing
  • SANS State of App Sec report: It's not just about dev teams
  • Energy Wire: Utilities look back to the future for hands-on cyberdefense
  • EnergyWire: Grid hack exposes troubling security gaps for local utilities
  • thirdCertainty: Underwriters, InfoSec officers must close gap on risk management
  • fedscoop: Survey: Health industry cyber pros moving beyond compliance
  • Law Enforcement Technology: Hidden Mobile Apps: The ultimate game of hide-and-seek for law enforcement
  • fedscoop: 'We're lucky someone wasn't killed: A look at the patent office's Christmas outage
  • CIO: Confusion over cyber insurance leads to coverage gaps
  • Cybernance: Who'll Be the Gap Closer in Cyber Insurance?
  • Forensic Magazine: The Dangers of Hidden Apps on Forensic Investigations
  • CSO: Concerns about security, information sharing up among industrial control system security pros
  • SecurityWeek: ICS Security Not Improving, Despite More Attacks
  • The Cybersecurity Podcast: Hackers Infiltrated Ukraine's Power Grid. What's Next? With Rob M. Lee
  • Security Intelligence: The Evolving State of the Mobile Endpoint
  • energy central: How to build NERC CIP compliance: a new course by the SANS Institute
  • Archer Energy Solutions: Secret malware targets critical systems that move your world
  • the energy connective: What Utilities Are Still Learning About the Ukraine Cyberattacks
  • CSM Passcode: Hard lessons for Energy Dept., power sector after Ukraine hack (+video)
  • SearchSecurity: Senate asks President Obama for a cyber act of war definition
  • TechRebublic: LAPD hacks iPhone 5s, proves they don't need Apple backdoor
  • TechRepublic: Cyber threat hunting: How this vulnerability detection strategy gives analysts an edge
  • CSO: Consider the Panama Papers breach a warning
  • TechRepublic: Apple demands to know how FBI cracked San Bernardino iPhone
  • Forbes: Calling All Women: The Cybersecurity Field Needs You And There's A Million Jobs Waiting
  • Forbes: Meet The Ex-Army Hackers Trying To Save America From Blackouts
  • ComputerPowerUser: Q&A With Ed Skoudis: A Lifelong Hacker Spending Time Training Cyber Warriors In CyberCity
  • FCW: Why Mobile Data Security Matters
  • WSJ: Cybersecurity Training, Military Style
  • Bloomberg: In the Age of Cybercrime, the Best Insurance May Be Analog
  • FP: With Power Plants Getting Hacked, Senate Looks For Ways To Keep The Lights On
  • ComputerWorld: Experts warn that 'chip off' plan to access terrorist's iPhone is risky
  • TechBeacon: 5 emerging security technologies set to level the battlefield
  • CSO: Cybersecurity no longer merger afterthought
  • Dark Reading: 7 Attack Trends Making Security Pros Sweat
  • ZDNet: Why the connected car is one of this generation's biggest security risks
  • New York Times: Utilities Cautioned About Potential for a Cyberattack After Ukraine’s
  • Baseline: IT Security Teams Are Stretched to the Limit
  • BBC: Ukraine cyber-attacks 'could happen to UK'
  • Security Insider: Ausbildung und Zertifizierung von IT-Security-Experten
  • Marketplace: Hacking competitions burnish cybersecurity resume
  • Funkschau: Interview zu Continuous Monitoring
  • channelinsdier: 12 Key Facts About the True Costs of Data Breaches
  • ItBusinessEdge: Why Mobile Apps Are Not Getting More Secure
  • SECTANK: Windows 10 liefert mit 'Credential Guard' wichtige Sicherheitsfeatures
  • FierceITSecurity: Data breach impact can linger for years, could cost more than $100M, says SANS study
  • CSO: Preparation lowers long-term post-breach costs
  • fedscoop: Interior Department FISMA audit reveals shortcomings in emergency planning
  • CNN: Hackers could secretly tap into corporate meetings
  • CSO: How much at risk is the U.S.'s critical infrastructure?
  • Wired: Everything We Know About Ukraine's Power Plant Hack
  • ITBusinessEdge: The IoT, IPv6 and DDoS: A Dangerous Mix
  • CNN: Scary questions in Ukraine energy grid hack
  • Foreign Policy: Did Russia Knock Out Ukraine's Power Grid?
  • The Washington Post: Russian hackers suspected in attack that blacked out parts of Ukraine
  • Motherboard: Malware Found Inside Downed Ukrainian Grid Management Points to Cyberattack
  • Forbes: 30 under 30 in Enterprise Technology: Robert M. Lee
  • Security Insider: Wie lief der Angriff auf das Stromnetz der Ukraine?
  • The Dallas Morning News: Breach of power: Foreign hackers prove capable of crippling U.S. electric grid
  • datensicherheit.de: Smartphone-Forensik: Interessantes Feld für Cyber-Untersuchungen
  • FierceITSecurity: CISOs face challenges talking to boards about cyber risks
  • TechRepublic: SSH getting a security tune-up from NIST and IETF
  • Computerwoche: Wie Ihr Security-Training erfolgreich wird
  • Dark Reading: Introducing 'RITA' for Real Intelligence Threat Analysis
  • SearchSecurity: Supply chain security: Controlling third-party risks
  • CIO: Closing the cybersecurity talent gap, one woman at a time
  • BSI: Informationen zum ausgewählten Dokument
  • eWeek: Businesses Lack Resources to Defend Against Cyber-Attacks
  • CSO: Is the board's involvement in cybersecurity really that critical?
  • ITPRO: Parking fine clerk graduates as world-leading cybersecurity talent
  • CBS News: In the dark over power grid security with Larry Pesce, SANS Instructor
  • SearchNetworking: Amid ongoing threats, network security training gains appeal
  • Forensics Magazine: Cautionary Tales from Digital Forensics
  • infosecurity: To Stop APTs You Need Anticipatory Active Defenses
  • SearchSecurity: How to perform a forensic acquisition of a virtual machine disk
  • DFI News/Forensics Magazine: Incident Response Doesn’t Need to Wait
  • TechRepublic: The Windows 10 privacy debacle: Five big issues to consider
  • Security News Desk: You think your confidential data is deleted, but is it?
  • Dark Reading: The Truth About DLP & SIEM: It’s A Process Not A Product
  • WSJ: Phishing Schemes Target IT Workers at Critical Infrastructure Companies
  • SC Magazine: Unique 8 week SANS Cyber Academy kicks off next week
  • Campus Technology: Data Security in Higher Ed – A Moving Target
  • DataKonText: Incident Response - lieber Vorbeugen als Nachsorgen
  • SearchSecurity: Accidental insider threats and four ways to prevent them
  • CSO: CISOs facing boards need better business, communication skills
  • DFI News/Forensics Magazine: Privacy, Attribution and Liability Law for the Digital Investigator
  • DFI News/Forensic Magazine: Digital Investigators Think About the Law
  • SearchNetworking: Horror stories in the consumer market have cast a shadow over the Internet of Things. Are enterprise IoT deployments even more at risk?
  • CSO: Neiman Marcus case a reminder to check your cyber coverage
  • DFI News/Forensic Magazine: Digital Professionals Keeping an Eye on the Law
  • infosecurity: SANS Announces Recruitment Fair for Top Infosec Candidates
  • IT Administrator: Penetration Tests in drahtlosen Umgebungen
  • The Daily Record: Omaha's Solutionary Joins SANS Institute To Create Cybersecurity Jobs for Veterans
  • Dark Reading: How I Learned To Love Active Defense
  • CSO: Regulators seek to limit security software exports
  • SearchCloudSecurity: Using a VMware firewall as part of a defense-in-depth strategy
  • DFI News/Forensic Magazine: Detecting a Data Breach
  • CSO: Electronic Frontier Foundation celebrates 25 years of defending online privacy
  • IT-Director: Riskante Penetrationstests
  • Military Times: Cybersecurity degrees are job magnet
  • SC Magazine: SANS launches aptitude test for would-be cyber sleuths
  • infosecurity: SANS Cyberskills Self-Assessment Addresses Skills Shortage
  • SearchSecurity: Why security operations centers are the key to the future
  • CNN: FBI investigating whether Cardinals Hacked Astros
  • IT Job Magazin: SANS Institut bildet weltweit Cyber-Spezialisten aus
  • SNL: Experts warn utilities to watch for cyberattacks via substation break-ins
  • CNN Video: Rob Lee Discusses the OPM.GOV Hack
  • CNN: Mac attack! Nasty bug lets hackers into Apple computers
  • NetworkWorld: Experts divided on security implications of DOJ's deal with Box
  • WUSA9: CBS (DC) Video - 1.1 million CareFirst members in D.C.-area potentially breached
  • DFI News/Forensic Magazine: The Cybercriminal Takedown: Part 2 With John Bambenek
  • DFI News/Forensic Magazine: Internet Takedowns and Incident Response: Q&A With John Bambenek
  • SearchSecurity: Accidental insider threats and four ways to prevent them
  • DFI News/Forensics Magazine: On the Road to Vegas ... CEIC 2015 That Is
  • Smart Grid Today: SECURITY EXPERTS: Utility IT, OT still miles apart
  • Medical Product Outsourcing: Device Insecurity
  • SearchSecurity: Open source threat model aims to make enterprise safer with less work
  • CBS News Video: Strengthening the nation's defense against hackers
  • infosecurity: DDoS, Lizard Squad and Preparing for Cyber-War
  • SC Magazine: Obama's 'unclassified emails' accessed by Russian hackers
  • Motherboard: Did Iran Launch a Cyberattack Against the US? Probably Not, New Report Says
  • Dark Reading: 6 Most Dangerous New Attack Techniques in 2015
  • SearchSecurity: Pescatore on security success: Breach prevention is possible
  • SC Magazine: RSA 2015: Experts discuss six dangerous attack techniques
  • TheDailyDot: Security companies accused of exaggerating Iran's cyberthreats against the U.S.
  • threatpost: Active DoS Exploits for MS15-034 Under Way
  • SearchSecurity: Accidental insider threats and four ways to prevent them
  • Security Insider: Traumjob Pen Tester : Mit ‚kriminellem‘ Gespür Sicherheit schaffen
  • Computerworld: Experts boost threat level, call for patching critical Windows bug ASAP
  • DarkReading: Microsoft Zero-Day Bug Being Exploited In The Wild
  • threatpost: Ransomware Teslacrypt Still Targeting Gamers
  • SearchSecurity: Patch Tuesday, exploit Thursday: Windows HTTP.sys flaw under attack
  • SC Magazine: SANS Institute launches Cyber Academy
  • SECTANK: Perspektiven in der Sicherheitsberatung (III) – Trainings: „Qualität hat ihren Preis“
  • SearchSecurity: SANS: Enterprises overconfident in ability to detect insider threats
  • MicroScope: Lack of soft skills harming security awareness programmes
  • Fox News: Cyber jihadists could target US TV stations, experts warn
  • SearchSecurity: New cyberthreats: Defending against the digital invasion
  • SC Mag: Zone of protection: Hacker havens
  • CSMonitor: Obama's cyber sanctions order adds punch to fight against foreign hackers (+video)
  • SC Magazine: Me and my job: Johannes Ullrich, SANS Technology Institute
  • SecurityInsider: Internet Storm Center sucht Anomalien im Web Traffic
  • SearchSecurity: Using NIST 800-125-A to understand hypervisor security threats
  • CBC News: CyberCity: Model town on front line of digital terrorism
  • SC Mag: eBook – APTs: New, improved and smarter than ever
  • SearchSecurity: For threat intelligence programs, ROI evaluation proves tricky
  • ComputerWorld Artikel: Industriekontrollsysteme ausser Kontrolle
  • Today Show Video (w/ SANS Instructor James Lyne) – Are free Wi-Fi hotspots secure?
  • SearchSecurity: How to prevent firewall failures with proper testing and maintenance
  • Washington Post: As governor, Jeb Bush used e-mail to discuss security, troop deployments
  • Business Insider: Experts are skeptical that Hillary Clinton's 'homebrew' email server could withstand cyberattacks
  • threatpost: New Technique Complicates Mutex Malware Analysis
  • 1to1 media: Healthcare's Cybersecurity Threat
  • The Daily Beast: Hillary's Secret Email Was a Cyberspy's Dream Weapon
  • Computerworld: Partly cloudy with a chance of hacking?
  • SearchSecurity: DDoS defense planning falls short
  • SecurityWeek: Netatmo Weather Stations Expose Wi-Fi Passwords: Researcher
  • New York Times: Data Breach at Anthem May Lead to Others
  • SearchCloudSecurity: Implementing VMware border router ingress and egress filtering
  • U.S. News & World Report: Choose the Right Online IT Training
  • WSJ: CIOs Eye Obama Cybersecurity Push with 'High Level of Interest'
  • SearchSecurity: Mini risk assessments: Simplifying protection of critical assets
  • TheDailyDot: Hospitals prepare for the fight against hackers
  • FierceCIO: 2014 cyberattack victims in the crosshairs again, warns SANS' Eric Cole
  • Forensic Magazine: Off-the-shelf Nation-state Attacks
  • CSO: Obama proposes new 30-day data breach notification law
  • USA Today: Key industries train to thwart cyber attacks
  • realtimes: what lies in wait: security threats in 2015
  • CSO: 5 lessons to help security pros craft a New Year's resolution
  • SearchCloudSecurity: Understanding VMware ESXi hypervisor security features
  • CSO: Why the board of directors will go off on security in 2015
  • infosecurity: SANS Warns of Shellshock Attacks on NAS Kit
  • SearchSecurity: Using secure network tiers to bolster network security rules
  • WSJ: CIOs and CISOs Can Learn From the Massive Sony Data Breach
  • infosecurity: Cyber-Security SANS Frontières: An Interview with Lance Spitzner
  • NetworkWorld: 5 ways to escape password hell
  • SearchSecurity: Using crypto-free zones to thwart advanced attacks
  • Forbes: America's Critical Infrastructure Is Vulnerable To Cyber Attacks
  • SearchSecurity: Operational challenges as cybersecurity gets sensored
  • CSO: Apple's iWorm fix still leaves major hole
  • CU Info Security: White House Hack: A Lesson Learned
  • Forbes: Operational Resilience - Not Just Technology Security - Drives Competitive Advantage
  • WSJ: Sabotage Investigation Highlights Poor Network Monitoring at Utilities
  • CSO: Did researchers help hackers in releasing USB drive exploit?
  • CSO: Three scary, but true, security tales
  • Ars Technica: Shellshock fixes beget another round of patches as attacks mount
  • CSO: Six key defenses against Shellshock attacks
  • SearchSecurity: Attackers already targeting Bash security vulnerability
  • HealthCare Info Security: Ramping Up Medical Device Cybersecurity
  • SearchSecurity: How to build complex passwords and avoid easy breaches
  • CSO: Why retailers like Home Depot get hacked
  • SearchSecurity: The case for NAC-based continuous monitoring for attack detection
  • InformationWeek: HealthCare.gov Breach: The Ripple Effect
  • SearchSecurity: Apple two-factor authentication fail leaves iCloud users vulnerable
  • Bloomberg TV: Is This How Jennifer Lawrence Got Hacked
  • SearchCloudSecurity: Following iCloud hack, experts say enterprise data likely at risk
  • Dice: 4 Interview Qs for Network Penetration Testers
  • HealthCare Info Security: Breach Response: Are We Doing Enough?
  • DevOps: Internet of Things (IoT) poses challenges for DevOps and security
  • Security that works: Three must-have enterprise security fundamentals
  • ZDNet: In wake of hacks, incident response efforts weak in enterprise
  • Government Technology: Crooks are Winning Cyber War, Experts Say
  • IT World Canada: SQL injection attacks can be stopped, says security expert
  • CSO: Defensive tactics against sophisticated cyberspies
  • Associated Press: T1red of p@sswords? Y0u @re N*t @lone!
  • CSO: Today's top skill sets in security -- and why they're in demand
  • Dark Reading: Security Pro File: Spam-Inspired Journey From Physics To Security
  • Dark Reading: New OpenSSL Flaw Exposes SSL To Man-In-The-Middle Attack
  • NetworkWorld: New OpenSSL vulnerability called not as serious as Heartbleed
  • BizTech: Q&A: A Word With Security Expert John Pescatore
  • eWeek: Health Care Sector Faces Rising Pressure to Bolster Data Security
  • CNBC: Cyberwarfare: Protecting 'soft underbelly' of USA
  • Careers Info Security: Why InfoSec Pay Shows Lackluster Gains
  • SearchSecurity: John Pescatore: Evasion techniques aiding advanced targeted attacks
  • CSO: Open campus, security nightmare
  • CSO: A security awareness short list from SANS
  • SearchSecurity: John Pescatore: BYOIT, IoT among top information security trends
  • infosecurity: Infosecurity Europe 2014: Worst Security Threats go Undetected, Warns Dr Eric Cole
  • CSO: In a world of complexity, focus on the basics
  • ComputerWeekly: Cyber threat detection paramount, says SANS fellow
  • SearchSecurity: Good information security leadership demands focus on shared knowledge
  • CSO: Tech titan funding just a start in securing critical open-source projects
  • FederalNewsRadio: Listen to Interview with Alan Paller on Heartbleed
  • Security Bistro: What’s Needed Now: Supply Chain Integrity Testing
  • PC Advisor: Think tank challenges Heartbleed handwringing
  • CSO: Here are the options with Heartbleed-flawed networking gear (Hint: there aren't many)
  • infosecurity: SANS’ Eric Cole Gets Infosecurity Europe Hall of Fame Nod
  • Bloomberg: NSA Said to Exploit Heartbleed Bug for Intelligence for Years
  • SearchSecurity: 'Heartbleed' OpenSSL vulnerability: A slow-motion train wreck
  • Forbes: Avoiding Heartbleed Hype, What To Do To Stay Safe
  • ZDNet: Businesses need to inform users about Heartbleed exposure
  • The Register: Not just websites hit by OpenSSL's Heartbleed – your PC and phone may be in peril too
  • ZDNet: Smart malware campaign attacks only Android
  • FierceCIO: Rise of the CSO: a CIO's power threat or job savior?
  • CSO Magazine: Info sec industry still struggles to attract women
  • WSJ: How Utilities Can Shore up Windows XP Security
  • CIO Insight: The Complicated Relationship Between CIOs and CSOs
  • InfoWorld: A clear-eyed guide to Mac OS X's actual security risks
  • Network World: Focus on fundamentals to reduce data breaches, expert advises
  • CSO Magazine: CyberLocker's success will fuel future copycats
  • Signal Magazine: Resolving the Critical Infrastructure Cybersecurity Puzzle
  • CSO Magazine: SANS seeks feedback in salary survey
  • SC Magazine: RSA 2014: Experts discuss the most dangerous new attack techniques
  • Security Week: Linksys Router Worm Spreading
  • Forbes: New Cyberthreat Report By SANS Institute Delivers Chilling Warning To Healthcare Industry
  • Healthcare Info Security: Study: Endpoint Vulnerabilities Common
  • WSJ: Medical Devices Can Lead to Breaches
  • Energy.Gov: Securing the Nation’s Grid
  • SearchSecurity: Cyberthreats: Know thy enemy in 2014
  • Washington Post: Senate cybersecurity report finds agencies often fail to take basic preventive measures
  • NY Post: Yahoo e-mail customers’ names, passwords stolen
  • SC Magazine: Attacker extorts coveted Twitter username in elaborate social engineering scheme
  • FCW: Is cybersecurity the right job for you?
  • Security Week: Cyber Attack Leverages Internet of Things
  • Design News: Fuzzing Framework Fights Control Hackers
  • Federal News Radio: Target Breach interview with Johannes Ullrich
  • Careers Info Security: Top 10 InfoSec Careers Influencers
  • CSO Magazine: Rising impact of Target breach indicates deeper hack into systems
  • CBC News: Snapchat hack shows vulnerable side of smartphone apps
  • threatpost: Probes Against Linksys Backdoor Port Surging
  • Nextgov: The Ten Worst Hacks of 2013
  • Nextgov: Awards Recognize Best in Government Cybersecurity
  • Security Week: Alleged NSA Payment to RSA Raises New Fears of Gov't Undermining Crypto Security
  • Network World: Take the 10th annual SANS Institute Holiday Hacking Challenge
  • CSMonitor: Target data theft: worrying sign of cyber thieves' sophistication
  • threatpost: Facebook Phishing Campaign Employing Malicious Tumblr Pages
  • ComputerWorld: 300 victims report fake support calls to security org
  • Nextgov: Master's Accreditation Benefits Federal Cyber Pros
  • Course Review: SANS SEC 760 Advanced Exploit Development for Penetration Testers
  • CSO Magazine: Can we use Big Data to stop healthcare hacks?
  • internet evolution: IT Security Pros Click Into CyberWar
  • SC Magazine: The coming Internet of Things
  • Nextgov: Cybersecurity Experts Will Face Off in Mock NetWars
  • WSJ: U.S. Gives Companies Cybersecurity Guidelines to Protect Critical Infrastructure
  • HealthITSecurity: CISO focuses on compliance, collaboration for SANS summit
  • Federal News Radio: DHS, SANS Institute join forces to give agencies cyber primer
  • NetworkWorld: New GIAC certification advances industrial cyber security
  • Certification Magazine: New GIAC cert aimed at protecting industry and infrastructure
  • CSO Magazine: What the Internet of Things means for security
  • Security Bistro: The Global Industrial Cyber Security Professional Certification (GICSP) is Launching in November
  • NBC News: Cyber defenders are in short supply as hacking wars escalate
  • Control Engineering: Cyber security experiment reveals threats to industrial systems
  • eWeek: Cyber-Security in 2013: Software, People Still Have Vulnerabilities
  • ComputerWorld: Shutdown could delay government's patching of IE, Windows and .NET flaws
  • ComputerWorld: Adobe hack shows subscription software vendors lucrative targets
  • TechRepublic: Researchers reverse-engineer the Dropbox client: What it means
  • MIT Technology Review: Dropbox and Similar Services Can Sync Malware
  • CSO Magazine: CSOs: Stop flogging the threats and start providing solutions
  • Business News Daily: Here Comes Windows 8.1 — Should You Upgrade?
  • FCW: Why .gov went dark
  • Infosecurity: Former DHS Secretary Launches Council on Cybersecurity
  • Infosecurity: SANS: Internet of Things Must Drive Fresh Security Approaches
  • Security Bistro: Thinking About How to Secure the Internet of Things (IoT)
  • How to make a bazillion dollars in 2014 from Windows XP
  • HealthITSecurity: Engaging users to augment healthcare security training
  • Course Review: SANS SEC573 Python for Penetration Testers
  • NPR: U.S. Worries NSA Leaker's Files Could Be Hacked
  • So, You Wanna Be a Penetration Tester?
  • CSO Magazine: 5 questions with Alissa Torres, SANS Instructor and Incident Handler at Mandiant
  • WSJ: The Morning Download: Gas Industry Lobbies Against Cyber Standards
  • NetworkWorld: Security analytics will be the next big thing in IT security
  • CyberCity: Training Ground For The Navy SEALs Of Online Defense
  • CNN: America's next threat: Cyberterrorism?
  • Ecommerce Times: Market Jitters Hint at Social Hacks' High Threat Level
  • CSO Magazine: Social engineering in penetration tests: 6 tips for ethical (and legal) use
  • TechTarget: Trusted platform module aids Windows mobile device security
  • Nextgov: New Tool Can Help Agencies Assess Cyber Skills
  • AutomationWorld: An Education in Cyber Security
  • Government Technology: Colorado Embraces New IT Security Philosophy
  • New York Times: Luring Young Web Warriors Is a Priority. It’s Also a Game.
  • NetworkWorld: New course teaches techniques for detecting the most sophisticated malware in RAM only
  • Cybersecurity's Skills Deficiency: Paller: 'There's No Pipeline' of Deep-Knowledge Pros
  • InformationWeek: China Hack Attacks: Play Offense Or Defense?
  • SearchSecurity: Emerging threats include kinetic attack, offensive forensics: RSA 2013
  • CRN: 5 Most Dangerous New Hacking Techniques
  • Control Engineering: Michael Assante and Tim Conway offer security suggestions for plant operators
  • Bank Info Security: CISOs Building Credibility
  • New York Times: Some Victims of Online Hacking Edge Into the Light
  • CSO: How Colorado's CISO is revamping the state's information security -- on a $6,000 budget
  • Fox News: Cyber Experts Needed, But There's a Skills Gap
  • LA Times: Hackers target Western news organizations in China
  • NBC News: Cyber watchdogs worry about worker shortage
  • 3 terrifying, but true, security tales
  • 4 Ways to Spot an Internet Scam
  • A Tiny City Built To Be Destroyed By Cyber Terrorists, So Real Cities Know What’s Coming
  • AirForceTimes: Cybersecurity personnel to have new mission
  • Businessweek: The Battle to Protect Confidential Data
  • BYOD offers tricks and treats for enterprises, say analysts
  • CIO: SANS NetWars tests cybersecurity pros against peers
  • CNN: Scammers create fake donation websites for Sandy victims
  • Comprehensive Cybersecurity: Securing the Human Operating System
  • Course Review: SANS FOR408 Computer Forensic Investigations – Windows In-Depth
  • CSO: It's time to start patching the Human OS
  • Dark Reading: ‘CyberCity’ Faces Its First Attacks Next Month
  • Dice: Did Fried Brain Cells Bag John McAfee?
  • Forbes: The Cloud's Not-So-Secret Weak Link
  • Forensics: When is Data Truly Lost?
  • GCN: NetWars helps develop the future of cybersecurity
  • Hackers claim 12 million Apple IDs from FBI
  • InfoWorld: Eric Cole: Interview with a remarkable security guru
  • Inside a Forensics Investigation
  • IT Security Police: 'Step Away From That IE'
  • NetWars Tournament of Champions Tests the Skills of the Nation’s Top Cyber Security Practitioners
  • NetworkWorld: Want to develop cybersecurity skills? Try SANS Institute's NetWars
  • New Cyber Group Aims To Spread Basic Security
  • Potential for Sandy scams prompts warnings
  • SearchSecurity: Custom, targeted malware attacks demand new malware defense approach
  • SearchSecurity: NetWars CyberCity missions to improve critical infrastructure protection
  • Tool Scans for RTF Files Spreading Malware in Targeted Attacks
  • Washington Post: CyberCity allows government hackers to train for attacks
  • Whitelisting Traffic: A practical Exercise for Network Defenders
  • SANS CyberCon 2012: It's A Secret
  • Forbes: Spammers Are Using Facebook To Impersonate Your Friends
  • NY Post: White-hat cyberbug bounty nets cash
  • CIO: How to Secure Data by Addressing the Human Element
  • Lack of Cyber Career Paths and Training Standards Stymies Security
  • Google Switches On Browser Spy Cam in Chrome
  • Microsoft provides workarounds for Oracle vulnerability
  • DNS Changer: Cyber Criminals, Internet Access And The FBI
  • Washington Post: Cybersecurity chief urges action by Congress
  • DNSChanger apocalypse: Like Y2K, but even snoozier
  • CSO: Alan Paller on cutting through the bull
  • DNS Changer virus threat passes; no significant outages
  • Thousands risk Internet shutdown as U.S. fix expires
  • Botnet infections in the enterprise have experts advocating less automation
  • FBI Could Shut Off Servers
  • The AC/DC lesson: Why IPv4 will be with us a long time
  • Best practices for data encryption, Part 1
  • SANS Digital Forensics and Incident Response Summit
  • SearchSecurity: Password database inventory required following LinkedIn breach
  • InfoWeek: LinkedIn Password Breach: 9 Facts Key To Lawsuit
  • CSO: Advanced persistent threats can be beaten, says expert
  • Understanding and defeating APT, Part 2: Fighting the 'forever war' against implacable foes
  • Understanding and defeating APT, Part 1: Waking up to the who and why behind APT
  • How Ethical Hackers Make Computers Safer
  • SearchSecurity: Kaspersky Flame malware poses little threat to businesses
  • NetworkWorld: New approaches to combat 'sources of evil' and other security issues
  • Old remedies don’t work on new threats; SANS panel will discuss alternative medicine
  • Despite increased infosec spending, breaches and frustration are on the rise
  • 3 Incident Response Essentials with Rob Lee
  • Interview with Ed Skoudis: SANS Cyber Guardians hack to help America win the cyberwar
  • Interview with SANS' Ed Skoudis: America losing the cybersecurity war to hackers
  • Vermont Tech student takes first place in computer skills tournament
  • Pitting Education Against Cyber Attacks
  • CIO: Mobile Malware: Beware Drive-by Downloads on Your Smartphone
  • SC Magazine: The six most dangerous infosec attacks
  • Ed Skoudis: RSA Conference Flash Talks 2012
  • Air Force aims to turn cyber into a career
  • SC Magazine: SANS builds digital certificate checker
  • The 10 Biggest Online Security Myths - And How to Avoid Them
  • CIO: How to Make Time for Continuing Education and Career Development
  • Mobile Device Security Expert Q&A Part II: Start treating phones as computers
  • Mobile Device Security Expert Q&A Part I: Where BYOD policy goes wrong
  • InformationWeek: 7 Ways To Toughen Enterprise Mobile Device Security
  • A Career in Forensics: 5 Key Steps
  • Implement user security awareness training
  • Forbes: Conversations On Cybersecurity: The Trouble With China, Part 1
  • Smart phones getting out of control? SANS hosts first Mobile Device Security Summit
  • REMnux 3 review – a treasure chest for the malware-curious
  • ComputerWorld Artikel: Industriekontrollsysteme ausser Kontrolle
  • Computerworld: Partly cloudy with a chance of hacking?
  • Forbes: Avoiding Heartbleed Hype, What To Do To Stay Safe