Latest Blog Posts

Shellshock Leaves Deep Impact on Network Security

October 09, 2014 Added by: Patrick Oliver Graf

For the last 30 years, a common line of code found in a piece of software has quietly been a dormant security vulnerability – but now, news of the exploit has gone public, sending the network security community into reaction mode.

IT Security’s Russian Roulette -- Legacy Java Vulnerabilities

October 09, 2014 Added by: Prateep Bandharangshi

The two primary reasons that legacy Java security risks persist are cost of mitigation and operational impacts.

Do Not Jump To Conclusions

October 08, 2014 Added by: PCI Guru

The takeaway from this post is to think through the implications of the Council’s directives before you go off advising organizations that certain technologies are not PCI compliant.

What Is ICS Cybersecurity – You Don't Need Digital Assets

October 08, 2014 Added by: Joe Weiss

I have a great concern about many people in nuclear (and other) industries only focusing on malicious cyber attacks to the exclusion of unintentional cyber incidents.

Interactive Agenda: 2014 ICS Cyber Security Conference

October 08, 2014 Added by: Mike Lennon

We are happy to unveil the Interactive Agenda for the 2014 ICS Cyber Security Conference! After a sell-out conference in 2013, be sure to Register Now and confirm your spot for this year’s event!

iWorm The First OSX Bot To Use Reddit For CnC: Expect Mac malware to surge

October 07, 2014 Added by: Cyphort

Nowadays, as half of newly issued computers in the enterprise are Macs, OSX malware is also becoming more prevalent.

Shellshock(ed)? How Did Your Security Program Do?

October 07, 2014 Added by: Tripwire Inc

All we should hear from security professionals is glee as their well-oiled machines switch into gear and they get to prove that they are able to operate at times when mere mortals quake in fear. For many though this is not the reality.

Critical Vulnerability Kills Again!!!

October 06, 2014 Added by: Anton Chuvakin

Do not make your security architecture solely reliant on patching. Big vulnerabilities will happen and so will zero-days, so make sure that your entire security architecture does not crumble if there is one critical vulnerability: do defense in depth, layers, “least privilege”, controls not reliant on updates, monitoring, deception, etc.

Accepting Identity Theft

October 06, 2014 Added by: Brent Huston

I can recall a time when I wasn’t concerned about data theft. Eventually, buzz words such as “breach” and “identity theft” became a regular part of my vocabulary.

Unintentional ICS Cyber Incidents Have Had Significant Impacts on Nuclear Plants – Why Aren’t they Being Addressed?

October 02, 2014 Added by: Joe Weiss

The NIST definition of a cyber incident as defined in FIPS PUB 200, Minimum Security Requirements for Federal Information and Information System, is electronic communications between systems or systems and people that impacts Confidentiality, Integrity, and/or Availability. The incident doesn’t have to be malicious or targeted to be a cyber incident.

Five Anti-Analysis Tricks That Sometimes Fool Analysts

October 02, 2014 Added by: Malwarebytes

No malware author wants an analyst snooping around their code, so they employ tricks to inhibit analysis.

Network Security for CIOs: A Marathon or a Sprint?

October 02, 2014 Added by: Patrick Oliver Graf

The world of IT is going through the same transition, away from the traditional support of “marathoning” to meet goals.

Interested In Business As Usual?

October 01, 2014 Added by: PCI Guru

Organizations are finally realizing that the only way they are ever going to feel secure is to embed security controls in their everyday business processes and make sure that they periodically assess that those controls are working.

Data Privacy Smoke and Mirrors

October 01, 2014 Added by: Dan Dieterle

As hardware and software manufacturers make public statements about hardening and protecting their services in the name of customer privacy, federal agencies speak out against it – let the smoke and mirrors game begin…

Software Security - Hackable Even When It's Secure

October 01, 2014 Added by: Rafal Los

On a recent call, one of the smartest technical folks I can name said something that made me reach for a notepad, to take the idea down for further development later. He was talking about why some of the systems enterprises believe are secure really aren't, even if they've managed to avoid some of the key issues.

Patch for ShellShock ASAP!

September 30, 2014 Added by: Brent Huston

Source IPs for probes looking for the vulnerability are growing slowly in number and scope of scans. (As of 9/30/14, 10am Eastern).
