System designers have long struggled with the challenge of determining how to control when untrusted applica- tions may perform operations using privacy-sensitive sen- sors securely and effectively. Current systems request that users authorize such operations once (i.e., on install or first use), but malicious applications may abuse such authorizations to collect data stealthily using such sensors. Proposed research methods enable systems to infer the op- erations associated with user input events, but malicious applications may still trick users into allowing unexpected, stealthy operations. To prevent users from being tricked, we propose to bind applications’ operation requests to the associated user input events and how they were ob- tained explicitly, enabling users to authorize operations on privacy-sensitive sensors unambiguously and reuse such authorizations.

This paper takes a look at the current state of device security.

This report is a breakdown of mistakes to be avoided in the IT Seurity arena.

Learn what situations contribute to threat activities towards organizations in the energy industry.

This thought piece draws on the experience of 451 Networks analysts and interviews with defensive security professionals to review major trends in attackers tools, techniques, and processes (TTPs).

Six Important Steps to Evaluating a Web Security Solution from EdgeWave®, offers IT professionals a checklist for evaluating Web security vendor solutions. The goal is to help you size up competitive offerings and understand new approaches to the critical problem of protecting your organization from mailcious web sites and inappropriate web use.

This report takes a look a the Trojan, Dridex.

According to Statcounter, mobile data internet traffic surpassed desktop based traffic for the first time in 2016. With Gartner estimating one-third of all malware coming from mobile devices in 2019 and less than 10% of organizations implementing Mobile Threat Defense solutions1, the threat landscape for mobility is ripe for hackers. Read the report to find out more about how organizations can defend themselves against these threats.

The Cisco 2015 Annual Security Report, which presents the research, insights, and perspectives provided by Cisco® Security Research and other security experts within Cisco, explores the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain.

This report summarizes the goals and activities of the initiative, the history and status of the initiative and key cyber value-at-risk concept foundations.

This annual report takes a look at the bug bounty industry in 2018.

This article provides an insightful report on a CryptoMining Operation.

This report covers the challenges, trends and benefits of Content Filtering in a mobile-first environment.

This report aims to compare the effectiveness of a selection of threat detection appliances. The products were exposed to internet threats that were live during the test period, as well as crafted exploit-based attacks.

This paper is designed to help you put together your organization’s network security policy.