August 20, 2015 Added by:InfosecIsland News
Mobile security researchers have identified a critical security flaw in the iOS mobile operating system that affects all iPhone, iPod touch, iPad devices running iOS 7 and later.
August 19, 2015 Added by:Idan Aharoni
Inteller has received information from well-informed industry sources that banks have recently observed several new schemes targeting EMV which were successful in circumventing the standard. While these particular incidents were also limited to SDA, unlike the previously-reported case, they were made possible due to elements in the transaction authorization process that could, theoretically, also ...
August 18, 2015 Added by:Mike Lennon
Microsoft issued an emergency out-of-band update to fix a critical vulnerability (CVE-2015-2502) being actively exploited in the wild and affecting all versions of Internet Explorer from IE 7 through 11.
August 04, 2015 Added by:Geoff Sanders
Historical forms of authentication were never meant for the networked landscape we live in today. The ﬁrst passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.
August 04, 2015 Added by:Steve Durbin
Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...
The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid
July 31, 2015 Added by:Joe Weiss
The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.
July 31, 2015 Added by:Rohit Sethi
There is a pervasive sentiment amongst the security community about checklists: they suck. We’ve all seen inflexible audit checklists that seem to be highly irrelevant to the specific system being audited.