Latest Blog Posts


Inside IaaS Security Challenges for Enterprises

May 05, 2015 Added by:Brian Prince

Infrastructure-as-a-service can provide an attractive option for businesses, but approaching security wrong can come with a cost all its own.

Comments  (0)


This Carding Forum is Spamtacular

May 05, 2015 Added by:Malwarebytes

Credit card fraud is a huge problem, and by its very nature falls across the entire security spectrum.

Comments  (0)


Top Critical Skill In Information Security: Be Humble

May 04, 2015 Added by:Tripwire Inc

Being involved in information security is intimidating. Not just because you are dealing with complex technology with serious implications if you fail, but everyone around you is going to be smarter than you. Even your adversaries. Especially your adversaries. Get used to it.

Comments  (0)


By All Means, Do as Little as Possible

May 04, 2015 Added by:PCI Guru

I write this because I have had enough of arguing over the lowest common denominator when it comes to securing networks, servers and applications.

Comments  (0)


RSA 2015: Rise of Chaos!!

May 04, 2015 Added by:Anton Chuvakin

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course.

Comments  (0)


Flaws in WordPress eCommerce Plugin Expose Over 5,000 Websites

April 30, 2015 Added by:Eduard Kovacs

Researchers at High-Tech Bridge have identified several vulnerabilities in TheCartPress, an eCommerce plugin installed on more than 5,000 WordPress websites.

Comments  (0)


The Four Most Common Evasive Techniques Used by Malware

April 30, 2015 Added by:Tripwire Inc

Malware might be growing in sophistication when it comes to anti-detection measures, but every day, the security community arrives at new measures that use these same evasion tactics against the malicious software they are designed to protect.

Comments  (0)


Payments Industry Moves to Help Simplify Chip Card Acceptance

April 30, 2015 Added by:InfosecIsland News

The Payments Security Task Force joined with the PCI Security Standards Council and the EMV Migration Forum to launch a chip education curriculum and “pre-qualification” program to help streamline and simplify the EMV testing and certification process for Value Added Resellers and Independent Software Vendors.

Comments  (0)


Password Alert for Chrome, and other Extensions

April 30, 2015 Added by:Malwarebytes

The extension, which only becomes functional once you’ve signed into your Google account, will throw up the metaphorical emergency flares whenever it notices you’ve entered your credentials into a rogue website.

Comments  (0)


New Vulnerabilities Identified in Network Time Protocol Daemon (NTPD)

April 29, 2015 Added by:Anthony M. Freed

The Network Time Foundation’s NTP Project has released updates addressing multiple vulnerabilities discovered in NTPD, where exploitation by an attacker could result in a man-in-the-middle attack or cause a denial of service condition.

Comments  (0)


Expecting to Get Hacked? A Strategy to Turn the Tide

April 29, 2015 Added by:Anup Ghosh

We know that change is hard to implement in organizations. But we also know that doing the same thing over and again and expecting a different result is Einstein’s definition of insanity.

Comments  (0)


Social Engineering: Attackers' Reliable Weapon

April 29, 2015 Added by:Brian Prince

Whatever the ploy, social engineering is the opening salvo in targeted attacks against organizations all over the world.

Comments  (0)


RSA Wrap-Up: There's a Dark Cloud Looming Over Information Security

April 28, 2015 Added by:Peter Zavlaris

The dark cloud looming over the information security industry at this year’s RSA Conference was unmistakable. The questions about whether security is on the right path continue to echo loudly.

Comments  (0)


Hackers Tricked AT&T, Network Solutions Employees in Tesla Attack

April 28, 2015 Added by:Eduard Kovacs

The official website and Twitter accounts of Tesla Motors were briefly hijacked over the weekend. The electric car manufacturer has provided some details on the attack.

Comments  (0)


First Lose the “Cyber” – Then We Can Talk

April 28, 2015 Added by:Robert Vamosi

Cyber is derived from the Greek word meaning skilled in steering or governing, neither of which directly apply to the Internet which is decentralized by design and therefore cannot be directly steered nor governed. The Internet is a resilient network of free-flowing information and data.

Comments  (0)


How to Resolve the BYOD Stand-Off Between Employees and IT

April 28, 2015 Added by:Patrick Oliver Graf

Users want, and demand, access to a broad range of personal mobile devices in the workplace. They want to be able to safely access work files on their phones while on-the-go and work from their homes on their personal laptops.

Comments  (0)

« First < Previous | 2 - 3 - 4 - 5 - 6 | Next > Last »