Latest Blog Posts

Fc152e73692bc3c934d248f639d9e963

Incidental Contact

February 23, 2015 Added by:PCI Guru

I have had a number of questions recently regarding how to deal with the occasional customer that sends cardholder data (CHD) or sensitive authentication data (SAD) to the merchant via email or instant messaging in blatant disregard to security.

Comments  (4)

65be44ae7088566069cc3bef454174a7

Perceptive Privacy Protectors Push for IoT Privacy Protections

February 23, 2015 Added by:Rebecca Herold

The costs of implementing security safeguards and privacy controls are significantly less than the costs, and damage to individuals’ lives, of cleaning up and paying all the associated money and time for security incidents and privacy breaches.

Comments  (3)

Af7244bb99debb4a1152fa49a993a05c

Flaws in Secure Messaging App Telegram Expose Chats

February 23, 2015 Added by:Eduard Kovacs

Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.

Comments  (7)

8c6609017eb196817ebf7bb4af7e52b0

5 Key Security Capabilities Enterprises Need to Survive the Era of the Hack

February 23, 2015 Added by:Alan Cohen

If enterprises want to counter cyberthreats, they need to both invest in APT and anti-malware technologies and improve their overall security posture.

Comments  (7)

979f414890697f63dd65387a37a77977

Why Harmonizing Cloud Security Standards will Accelerate Cloud Adoption

February 20, 2015 Added by:Evelyn De Souza

As the public cloud becomes mission-critical, business and government applications, many standards bodies and government entities worldwide are issuing stronger security guidance and new standards.

Comments  (8)

0ead717779244d9aab5c1699308850d2

DDoS-for-Hire Services Cheap But Effective

February 19, 2015 Added by:Brian Prince

Distributed denial-of-service attackers are making it relatively cheap to disrupt targeted sites, according to a new report from Verisign.

Comments  (12)

Fb8b25d02a3d508548a993c59946c1e6

SIGINT and Cyber Intelligence

February 19, 2015 Added by:Scott Fitzpatrick

It’s fascinating to watch the political climate being held sway with what are identified as “cyber terrorism” and “cyber war.” But it’s not the first time the Department of Defense has had to come to grips with a polemic decision that would require reengineering their entire fiscal architecture.

Comments  (5)

Fc152e73692bc3c934d248f639d9e963

Council Surveys QSAS on SSL

February 19, 2015 Added by:PCI Guru

The dilemma we have is that while SSL is dead, it is baked into so many products and appliances.

Comments  (7)

7ddc1f3000a13e4dfec28074e9e7b658

Lenovo is Breaking HTTPS Security on its Recent Laptops

February 19, 2015 Added by:Electronic Frontier Foundation

There's been some discussion about whether all copies of Superfish use the same root key to perform the MITM attacks

Comments  (7)

Af7244bb99debb4a1152fa49a993a05c

Malicious Emails Can Cause Android Email App to Crash: Researcher

February 18, 2015 Added by:Eduard Kovacs

According to Hector Marco, a Spain-based security researcher, an attacker can remotely launch a denial-of-service (DoS) attack against a user by sending them a specially crafted email.

Comments  (5)

E595c1d49bf4a26f8e14ce59812af80e

How to Manage Secure Communications in M2M Environments

February 18, 2015 Added by:Patrick Oliver Graf

For all the talk of the Internet of Things (IoT) and machine-to-machine (M2M) communications making our lives easier, there always seems to be a cautionary tale involving security of these devices around every corner.

Comments  (6)

201d6e4b7cd0350a1a9ef6e856e28341

Another ICS Cyber Incident With a Fatality

February 18, 2015 Added by:Joe Weiss

Just like the SCADA system affected during the 2003 Northeast Outage had known software issues, DC Metro was aware its computers and fan ventilation systems for dealing with smoke in tunnels needed to be modernized.

Comments  (4)

8c9639c5e1594aa583549790333cd451

The Year of Threat Intelligence Sharing: Bringing Structure to the Chaos of Big Security Data

February 18, 2015 Added by:Robert McNutt

While no one has a crystal ball to peer in and see what 2015’s landscape will look like, one thing is for sure: hackers are becoming more sophisticated and in order to stave off data breaches, we need to be aggregating and sharing information.

Comments  (3)

0ead717779244d9aab5c1699308850d2

Many IT Pros Ignore Security Policy in Order to Do Their Jobs: Survey

February 17, 2015 Added by:Brian Prince

According to a survey of 1,000 consumers by ResearchNow, a third of the IT professionals and administrators said they had downloaded an application they were not authorized to use on a corporate device in order to do their job.

Comments  (11)

Bd07d58f0d31d48d3764821d109bf165

Three Keys to a Successful Cybersecurity Defense Program

February 17, 2015 Added by:Tripwire Inc

Like any other major initiative, especially a new corporate wide initiative, you need the voice of the CEO.

Comments  (4)

6d117b57d55f63febe392e40a478011f

ISACA Addresses IoT Risk Management

February 17, 2015 Added by:Anthony M. Freed

ISACA has released a new guide for organizations concerned about the impact of The Internet of Everything (IOT) on business operations, addressing the potential value and the associated risks involved with expanded connectivity.

Comments  (4)


« First < Previous | 4 - 5 - 6 - 7 - 8 | Next > Last »