Latest Blog Posts
July 22, 2014 Added by:Eduard Kovacs
Organizers of the Black Hat security conference that's scheduled to take place next month in Las Vegas announced that a presentation detailing how the Tor network's users can be de-anonymized has been cancelled.
July 21, 2014 Added by:PCI Guru
Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.
July 17, 2014 Added by:Neohapsis
Without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised.
July 16, 2014 Added by:Rafal Los
Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?
July 14, 2014 Added by:Patrick Oliver Graf
Together, the high-profile hacking of the Houston Astros and Butler University show why it’s important for every organization to think like an enterprise in constructing a network security plan.
July 14, 2014 Added by:Eric Byres
As SCADA security professionals we need to pick our security battles carefully. I will be looking deeper into the real goals of any SCADA security policy or technology I am exposed to. Is it really helping make SCADA and ICS safer? Or is it just a way to make control easier? Is it addressing the real risks? Or is it just for show?
July 10, 2014 Added by:Anton Chuvakin
So, occasionally I get this call from somebody (vendor, end-user, investor, etc) inquiring about“the size of the security analytics market.” They are usually shocked at our answer: since there is no such market, there is no size to report.
July 10, 2014 Added by:Mike Lennon
SecurityWeek today announced the official Call for Papers for the 2014 Industrial Control Systems (ICS) Cyber Security Conference, to be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta, Georgia.
July 09, 2014 Added by:Mike Lennon
The U.S. Department of Homeland Security (DHS) has released hundreds of documents, some of which contain sensitive information and potentially vulnerable critical infrastructure points across the United States, in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.
July 08, 2014 Added by:Joe Weiss
This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.