Latest Blog Posts

B146ded37e4d5e29224d7d0f33a0dc5e

The Science Behind DDoS Extortion

August 04, 2014 Added by:Dan Holden

Well-known names such as Evernote and Feedly have all fallen victim to extortion attacks, but these companies are just the tip of the iceberg when it comes to this very lucrative criminal activity.

Comments  (0)

65be44ae7088566069cc3bef454174a7

Security is Action…Privacy is the Result of Action

August 04, 2014 Added by:Rebecca Herold

Information security and privacy have a lot of overlaps, but they ultimately involve different actions and different goals, and require those performing them to be able to take different perspectives.

Comments  (0)

Default-avatar

Windows Meets Industrial Control Systems (ICS) Through HAVEX.RAT – It Spells Security Risks

July 31, 2014 Added by:Cyphort

Since the first report on Havex RAT’s involvement with Industrial Control Systems (ICS) emerged last month, ICS operators were reminded to what extent malware authors will go to intrude their systems.

Comments  (1)

B689dd1362bef7eb372a540d3b6e6287

Is it Cheaper to Keep it? Reevaluating Your IAM Solutions

July 31, 2014 Added by:Identropy

The most difficult hurdle to get over can be coming to terms with the fact that the selected solution is not delivering the expected value and deciding to move forward in search of a new solution.

Comments  (0)

C940e50f90b9e73f42045c05d49c6e17

Facebook “Enter Details Here to Enable Your Account”

July 30, 2014 Added by:Malwarebytes

Here’s one in-the-wild phishing campaign that we spotted homing in on users.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Real Hacks of Critical Infrastructure are Occurring – Information Sharing is Not Working

July 30, 2014 Added by:Joe Weiss

My database of actual ICS cyber incidents is >350 and growing. I certainly hope people wake up before it is too late.

Comments  (0)

93c815429fc1ab15a9295a4f55989ae0

Multipath TCP - Black Hat Briefings Teaser

July 29, 2014 Added by:Neohapsis

Multipath TCP: Breaking Today’s networks with Tomorrow’s Protocols. is being presented at Blackhat USA this year by Me (Catherine Pearce @secvalve) as well as Patrick Thomas @coffeetocode. Here is a bit of a tease, it’s a couple of weeks out yet, but we’re really looking forward to it.

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ad Hoc Security's Surprisingly Negative Residual Effect

July 29, 2014 Added by:Rafal Los

Security is fraught with the ad-hoc approach. Some would argue that the very nature of what we do in the Information Security industry necessitates a level of ad-hoc-ness and that to try and get away from it entirely is foolish.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

"Fake ID" Android Vulnerability in Lets Malicious Apps Impersonate Trusted Apps

July 29, 2014 Added by:InfosecIsland News

A serious vulnerability exists in the Android operating system, which could allow malicious apps to impersonate well-known trusted apps such as Google Wallet.

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

Connecting Bellwether Metrics to the Business

July 28, 2014 Added by:Tripwire Inc

Benchmark facilitates organizations who want to define and track their own Bellwether metrics—comparing only with their own internal goals and trends.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

The Dilemma of PCI Scoping - Part 1

July 28, 2014 Added by:PCI Guru

Based on the email comments of late, there are apparently a lot of you out there that really do not like the Open PCI Scoping Toolkit.

Comments  (0)

F5b1211c3952ce30f829cd3c757a1a7f

Cyphort Detects Surge in Ad Network Infections, a.k.a. “Malvertising”

July 24, 2014 Added by:Ali Golshan

We recently noticed a surge where exploit packs are served from DMO (Destination Marketing Organization) websites using an Ad network called simpleviewinc.com during the July 4th long weekend.

Comments  (2)

B64e021126c832bb29ec9fa988155eaf

Israeli Military and Hamas trade Hacking Attacks

July 24, 2014 Added by:Dan Dieterle

As Israeli ground forces push into Gaza to remove militant Islamic troops and missiles, hacking teams from both sides ply their trades.

Comments  (3)

D36d0936f0c839be7bf2b20d59eaa76d

Security and the Internet of Things

July 24, 2014 Added by:Steve Durbin

The security threats of the Internet of Things (IoT) are broad and potentially devastating and organizations must ensure that technology for both consumers and companies adhere to high standards of safety and security.

Comments  (1)

B742830daed9314883a0edc63daefc42

EBS Encryption: Enhancing the Amazon Web Services Offering with Key Management

July 23, 2014 Added by:Gilad Parann-Nissany

Full disk encryption is becoming more and more popular in cloud settings, and some of the smaller clouds like Google Compute Engine have supported it for a while. Amazon is a bit late to this game, and should lead the way in enabling customer control of encryption keys.

Comments  (1)

7ddc1f3000a13e4dfec28074e9e7b658

White House Website Includes Unique Non-Cookie Tracker, Conflicts With Privacy Policy

July 23, 2014 Added by:Electronic Frontier Foundation

According to the researchers, over 5,000 sites include the canvas fingerprinting, with the vast majority from AddThis.

Comments  (1)


« First < Previous | 1 - 2 - 3 - 4 - 5 | Next > Last »