Latest Posts

A Guide to AWS Security

August 20, 2015 Added by: Avishai Wool

Security in AWS is based on a shared responsibility model: Amazon provides and secures the infrastructure, and you are responsible for securing what you run on it.

Critical iOS "Quicksand" Vulnerability Lets Malicious Mobile Apps to Grab Enterprise Credentials

August 20, 2015 Added by: InfosecIsland News

Mobile security researchers have identified a critical security flaw in the iOS mobile operating system that affects all iPhone, iPod touch, iPad devices running iOS 7 and later.

Inadequate Processing Parameters Add More Chinks in the EMV Armor

August 19, 2015 Added by: Idan Aharoni

Inteller has received information from well-informed industry sources that banks have recently observed several new schemes targeting EMV which were successful in circumventing the standard. While these particular incidents were also limited to SDA, unlike the previously-reported case, they were made possible due to elements in the transaction authorization process that could, theoretically, also ...

Microsoft Patches Critical IE Flaw Exploited in the Wild

August 18, 2015 Added by: Mike Lennon

Microsoft issued an emergency out-of-band update to fix a critical vulnerability (CVE-2015-2502) being actively exploited in the wild and affecting all versions of Internet Explorer from IE 7 through 11.

Get Physical with your Physical Space

August 17, 2015 Added by: Jayson Wylie

Current social engineering practice has gone beyond mail phishing scams and there is a high probability that there is potential of a malicious presence in the mix within the place of work.

Businesses Should Take a Pass on Traditional Password Security

August 04, 2015 Added by: Geoff Sanders

Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution have set the foundation for authentication in the Internet Age.

Hackers and Threats: Cybercrime Syndicates Go Global

August 04, 2015 Added by: Steve Durbin

Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...

The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid

July 31, 2015 Added by: Joe Weiss

The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.

Debunking Myths: Application Security Checklists Suck

July 31, 2015 Added by: Rohit Sethi

There is a pervasive sentiment amongst the security community about checklists: they suck. We’ve all seen inflexible audit checklists that seem to be highly irrelevant to the specific system being audited.

How to Tell a Landscaper From a Thief

July 20, 2015 Added by: Or Katz

Casually dismissed attack reconnaissance should be considered as valuable information and should be treated as such.
