Latest Blog Posts
August 04, 2015 Added by:Geoff Sanders
Historical forms of authentication were never meant for the networked landscape we live in today. The ﬁrst passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.
August 04, 2015 Added by:Steve Durbin
Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...
The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid
July 31, 2015 Added by:Joe Weiss
The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.
July 31, 2015 Added by:Rohit Sethi
There is a pervasive sentiment amongst the security community about checklists: they suck. We’ve all seen inflexible audit checklists that seem to be highly irrelevant to the specific system being audited.
July 17, 2015 Added by:Alexander Polyakov
As all university networks are complex and consist of numerous modules and there are numerous vulnerabilities in them, protecting them seems a nightmare for any IT team. Cybersecurity is not some separate steps taking from time to time, but the ongoing process.
July 17, 2015 Added by:Rohit Sethi
While static analysis is a very valuable technology for secure development, it is clearly no substitute for building applications with security in mind from the start.
July 06, 2015 Added by:Steve Durbin
Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.
June 29, 2015 Added by:Shawn Masters
Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection
June 25, 2015 Added by:Eduard Kovacs
Based on data from its “telephony honeypot,” anti-fraud company Pindrop Security has determined that the number of scam calls aimed at enterprises has increased by 30 percent since 2013.
June 25, 2015 Added by:Malwarebytes
Dutch security firm Fox-IT has identified the payload as a new version of Tinba, a well-known banking piece of malware.
June 25, 2015 Added by:Tripwire Inc
In the beginning, there were stack buffer overflows everywhere.
June 25, 2015 Added by:Anton Chuvakin
As a security technologist you may be asked to do the impossible.
June 24, 2015 Added by:Brian Prince
Researchers at Tel Aviv University have demonstrated a method of stealing encryption keys from a PC using a radio receiver small enough to hide inside a piece of pita bread.