Latest Blog Posts

Af7244bb99debb4a1152fa49a993a05c

Black Hat Conference Talk on How to Break Tor Cancelled

July 22, 2014 Added by:Eduard Kovacs

Organizers of the Black Hat security conference that's scheduled to take place next month in Las Vegas announced that a presentation detailing how the Tor network's users can be de-anonymized has been cancelled.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Keeping it Simple - Part 1

July 21, 2014 Added by:PCI Guru

Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

The Five Stages of Vulnerability Management

July 21, 2014 Added by:Tripwire Inc

The key to having a good information security program within your organization is having a good vulnerability management program.

Comments  (0)

93c815429fc1ab15a9295a4f55989ae0

Cached Domain Credentials in Vista/7 (AKA Why Full Drive Encryption is Important)

July 17, 2014 Added by:Neohapsis

Without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised.

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Snowden Continues to Expose Allied Cyber Tactics

July 17, 2014 Added by:Dan Dieterle

NSA whistleblower and Putin poster boy Edward Snowden apparently released yet another document, this one exposing UK cyber spying techniques allegedly used by the GCHQ.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Compliance and Security Seals from a Different Perspective

July 16, 2014 Added by:Rafal Los

Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security: Not Just a Checkbox Anymore

July 15, 2014 Added by:Tripwire Inc

There have been many publicized victims of breaches recently. There can often be a lot of conjecture as to what happened, how it happened, and why it happened.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Hacks of Houston Astros, Butler University Put Network Security on Center Stage

July 14, 2014 Added by:Patrick Oliver Graf

Together, the high-profile hacking of the Houston Astros and Butler University show why it’s important for every organization to think like an enterprise in constructing a network security plan.

Comments  (0)

682e0e796084e163c5ca053dd8573b0c

Is BYOD Security Really Concerned with Safety – or Is It About Control?

July 14, 2014 Added by:Eric Byres

As SCADA security professionals we need to pick our security battles carefully. I will be looking deeper into the real goals of any SCADA security policy or technology I am exposed to. Is it really helping make SCADA and ICS safer? Or is it just a way to make control easier? Is it addressing the real risks? Or is it just for show?

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Why No Security Analytics Market?

July 10, 2014 Added by:Anton Chuvakin

So, occasionally I get this call from somebody (vendor, end-user, investor, etc) inquiring about“the size of the security analytics market.” They are usually shocked at our answer: since there is no such market, there is no size to report.

Comments  (0)

7b072d611db66025d89ff3137dcddfb3

Cyber Espionage Campaign Hits Energy Companies

July 10, 2014 Added by:Joel Langill

Over the past couple of weeks, cybersecurity vendors have announced the uncovering of a successful cyber espionage campaign carried out by the Dragonfy hacking group.

Comments  (0)

306708aaf995cf6a77d3083885b60907

2014 ICS Cyber Security Conference Opens Call for Papers

July 10, 2014 Added by:Mike Lennon

SecurityWeek today announced the official Call for Papers for the 2014 Industrial Control Systems (ICS) Cyber Security Conference, to be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta, Georgia.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Why Should We Close the Threat Detection Gap?

July 09, 2014 Added by:Tripwire Inc

By closing off the threat detection gap, we can decrease the value to the criminal of the effort to commit the crime, making it a less worthwhile undertaking in the first place.

Comments  (0)

306708aaf995cf6a77d3083885b60907

DHS Mistakenly Releases 840-pages of Critical Infrastructure Documents

July 09, 2014 Added by:Mike Lennon

The U.S. Department of Homeland Security (DHS) has released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.

Comments  (0)

4e9404278ec48b9cce4fcfa8ca048c29

Defense in Depth for Advanced Threat Protection

July 09, 2014 Added by:Alain Mayer

I believe that defense in depth – a long-established information assurance concept – can help in developing a sensible strategy for the evolving threat landscape.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Google Aurora vs ICS Aurora – An industry and DHS Debacle

July 08, 2014 Added by:Joe Weiss

This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.

Comments  (0)


« First < Previous | 4 - 5 - 6 - 7 - 8 | Next > Last »