Latest Blog Posts

Fc152e73692bc3c934d248f639d9e963

The Dilemma of PCI Scoping - Part 1

July 28, 2014 Added by:PCI Guru

Based on the email comments of late, there are apparently a lot of you out there that really do not like the Open PCI Scoping Toolkit.

Comments  (0)

F5b1211c3952ce30f829cd3c757a1a7f

Cyphort Detects Surge in Ad Network Infections, a.k.a. “Malvertising”

July 24, 2014 Added by:Ali Golshan

We recently noticed a surge where exploit packs are served from DMO (Destination Marketing Organization) websites using an Ad network called simpleviewinc.com during the July 4th long weekend.

Comments  (2)

B64e021126c832bb29ec9fa988155eaf

Israeli Military and Hamas trade Hacking Attacks

July 24, 2014 Added by:Dan Dieterle

As Israeli ground forces push into Gaza to remove militant Islamic troops and missiles, hacking teams from both sides ply their trades.

Comments  (3)

D36d0936f0c839be7bf2b20d59eaa76d

Security and the Internet of Things

July 24, 2014 Added by:Steve Durbin

The security threats of the Internet of Things (IoT) are broad and potentially devastating and organizations must ensure that technology for both consumers and companies adhere to high standards of safety and security.

Comments  (1)

B742830daed9314883a0edc63daefc42

EBS Encryption: Enhancing the Amazon Web Services Offering with Key Management

July 23, 2014 Added by:Gilad Parann-Nissany

Full disk encryption is becoming more and more popular in cloud settings, and some of the smaller clouds like Google Compute Engine have supported it for a while. Amazon is a bit late to this game, and should lead the way in enabling customer control of encryption keys.

Comments  (1)

7ddc1f3000a13e4dfec28074e9e7b658

White House Website Includes Unique Non-Cookie Tracker, Conflicts With Privacy Policy

July 23, 2014 Added by:Electronic Frontier Foundation

According to the researchers, over 5,000 sites include the canvas fingerprinting, with the vast majority from AddThis.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Crypto Locker Down, But NOT Out

July 23, 2014 Added by:Brent Huston

Even as the govt was touting their takedown, threat intelligence companies around the world (including MSI), were already noticing that the attackers were mutating, adapting and re-building a new platform to continue their attacks.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The Unisys Ponemon study – Is It Actually Relevant to ICSs

July 22, 2014 Added by:Joe Weiss

It is important to understand the validity of the observations and conclusions as this report is being widely quoted.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Black Hat Conference Talk on How to Break Tor Cancelled

July 22, 2014 Added by:Eduard Kovacs

Organizers of the Black Hat security conference that's scheduled to take place next month in Las Vegas announced that a presentation detailing how the Tor network's users can be de-anonymized has been cancelled.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Keeping it Simple - Part 1

July 21, 2014 Added by:PCI Guru

Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

The Five Stages of Vulnerability Management

July 21, 2014 Added by:Tripwire Inc

The key to having a good information security program within your organization is having a good vulnerability management program.

Comments  (0)

93c815429fc1ab15a9295a4f55989ae0

Cached Domain Credentials in Vista/7 (AKA Why Full Drive Encryption is Important)

July 17, 2014 Added by:Neohapsis

Without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised.

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Snowden Continues to Expose Allied Cyber Tactics

July 17, 2014 Added by:Dan Dieterle

NSA whistleblower and Putin poster boy Edward Snowden apparently released yet another document, this one exposing UK cyber spying techniques allegedly used by the GCHQ.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Compliance and Security Seals from a Different Perspective

July 16, 2014 Added by:Rafal Los

Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security: Not Just a Checkbox Anymore

July 15, 2014 Added by:Tripwire Inc

There have been many publicized victims of breaches recently. There can often be a lot of conjecture as to what happened, how it happened, and why it happened.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Hacks of Houston Astros, Butler University Put Network Security on Center Stage

July 14, 2014 Added by:Patrick Oliver Graf

Together, the high-profile hacking of the Houston Astros and Butler University show why it’s important for every organization to think like an enterprise in constructing a network security plan.

Comments  (0)


« First < Previous | 2 - 3 - 4 - 5 - 6 | Next > Last »