Latest Posts

Bd07d58f0d31d48d3764821d109bf165

Is User Experience Part of Your Security Plan?

April 15, 2014 Added by:Tripwire Inc

One common theme across the information organizations that I work with is that everyone wants to do the right thing. Unfortunately, that often means onerous and complicated security policies that translate into awkward steps that users must take.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

SIEM Webinar Questions – Answered

April 15, 2014 Added by:Anton Chuvakin

Last year, I did this great SIEM webinar on “SIEM Architecture and Operational Processes”...and received a lot of excellent questions. This is the forgotten post with said questions.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Electric Grid Safety Hinges on Partnership and Information Sharing

April 14, 2014 Added by:InfosecIsland News

Electric utilities have been focused on improving the safety and reliability of the complex and dynamic electric grid for years, testified Sue Kelly, president and CEO of the American Public Power Association (Public Power) at a Senate Energy and Natural Resources Committee hearing.

Comments  (0)

65be44ae7088566069cc3bef454174a7

Rx for Incorrect Compliance Claims and XP

April 14, 2014 Added by:Rebecca Herold

I advise all organizations to identify their systems running XP, determine the risks to PHI of those systems, and then establish a plan to upgrade appropriately and in the nearest time feasible.

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

FBI Plans to Have 52 Million Photos in its NGI Face Recognition Database by Next Year

April 14, 2014 Added by:Electronic Frontier Foundation

New documents released by the FBI show that the Bureau is well on its way toward its goal of a fully operational face recognition database by this summer.

Comments  (0)

B742830daed9314883a0edc63daefc42

NSA vs. Cloud Encryption: Which is Stronger?

April 12, 2014 Added by:Gilad Parann-Nissany

The NSA is powerful: they watch, they listen, they collect data. In cases of national security, perhaps this is a good method to catch terrorists. In cases of private business data, there is a way to block the NSA from getting to your sensitive information: strong data encryption.

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

OpenSSL “Heartbleed” – Whose Vulnerable and How to Check

April 10, 2014 Added by:Dan Dieterle

The Internet is plastered with news about the OpenSSL heartbeat “Heartbleed” (CVE-2014-0160) vulnerability that some say affects up to 2/3 of the Internet.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

OpenSSL Problem is HUGE – PAY ATTENTION

April 10, 2014 Added by:Brent Huston

The attack allows an attacker to remotely tamper with OpenSSL implementations to dump PLAIN TEXT secrets, passwords, encryption keys, certificates, etc. They can then use this information against you.

Comments  (0)

23712318a400454a2c049f165106d985

Windows XP End of Life: What Your Organization Can Expect

April 09, 2014 Added by:Scott Montgomery

Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Heartbleed Should Give You Cardiac Arrest

April 09, 2014 Added by:Tripwire Inc

Estimates are over 66% of active websites on the internet may be vulnerable to this bug, found in OpenSSL, an open source cryptographic library used in the Apache web server and ignx when creating communications with users.

Comments  (0)