Latest Blog Posts

Bd07d58f0d31d48d3764821d109bf165

2015 Verizon DBIR and the Human Attack Surface

April 16, 2015 Added by:Tripwire Inc

Verizon’s annual Data Breach Investigations Report (DBIR) gives annual analysis and insight to the prior year’s security incidents and confirmed data breaches. As a security practitioner, I look to this report as a bellwether for our own security practices – what patterns are emerging and what should be my immediate takeaways to better protect my organization.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

ASV Guidance for SSL/TLS Vulnerabilities

April 16, 2015 Added by:PCI Guru

Hidden by all of the news about v3.1 of the PCI DSS being published, is a notice that was sent to all PCI approved scanning vendors (ASV) from the PCI SSC regarding how to handle SSL and “early TLS” vulnerabilities.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Preview: Suits and Spooks London - May 6-7, 2015

April 16, 2015 Added by:Eduard Kovacs

With less than three weeks to go until Suits and Spooks London 2015 kicks off, the agenda is nearly finalized. Our first 2-day international event will host experts in cyber warfare, intelligence, advanced persistent threats, sophisticated malware, and political issues.

Comments  (0)

0ead717779244d9aab5c1699308850d2

Healthcare Industry Challenged by Data Breaches, Compliance

April 15, 2015 Added by:Brian Prince

In a new report from Vormetric focused on healthcare organizations, almost half (48 percent) of the IT decision makers from the U.S. said their organization either failed a compliance audit or experienced a data breach in the last year.

Comments  (0)

2d84e74c0a40157cd7d83753045dfb96

What Threat Intelligence Data Can Tell Us: The Sad Story of WF

April 15, 2015 Added by:Mary Landesman

People differ in how they approach data analytics. One camp prefers to postulate a theory and find data that supports or negates that theory. Another camp prefers to let the data tell the story.

Comments  (0)

C940e50f90b9e73f42045c05d49c6e17

Real-Time Bidding and Malvertising: A Case Study

April 15, 2015 Added by:Malwarebytes

Malvertising continues to be one of the biggest and most effective infection mechanism which, for the most part, is based on rogue advertisers inserting malicious ads in the machine.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

California Privacy Advocates Urge Defeat of Federal Data Breach Notice Bill

April 14, 2015 Added by:InfosecIsland News

Six California privacy and consumer groups have called on members of the US House Energy and Commerce Committee to oppose federal legislation that would wipe out California's landmark data breach notification laws.

Comments  (0)

6d117b57d55f63febe392e40a478011f

FFIEC Issues Guidance on Destructive Malware Attacks

April 14, 2015 Added by:Anthony M. Freed

The Federal Financial Institutions Examination Council (FFIEC) released two documents with guidance for financial institutions on mitigating risks from the increase in cyber attacks that compromise user credentials or employ destructive software.

Comments  (0)

21d6c9b1539821f5afbd3d8ce5d96380

The CISO Role in Cybersecurity: Solo or Team Sport?

April 14, 2015 Added by:Kevin L. Jackson

The best skill set for preparing someone to become a CISO is a statistical tie between business knowledge and knowledge of IT security best practices.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

The Cost of a Non-Malicious Control System Cyber Incident – More Than $1Billion

April 14, 2015 Added by:Joe Weiss

There is a tendency by many in the cyber security community to only care about malicious cyber attacks as opposed to unintentional cyber incidents.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Law Enforcement, Security Firms Team Up to Disrupt Simda Botnet

April 13, 2015 Added by:Eduard Kovacs

More than a dozen command and control (C&C) servers used by the Simda botnet were seized last week by law enforcement authorities coordinated by Interpol.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

10 Steps to Improve Your Layered Defense Strategy

April 13, 2015 Added by:Tripwire Inc

We have a problem in the security community – or maybe within the modern information age of humanity in general. That problem is we see security as a technology, policy, privacy or people issue, instead of an integrated combination thereof.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

IT Security? “Yes Please,” says Uncle Sam – But Offers No Tangible Help

April 13, 2015 Added by:Patrick Oliver Graf

When it comes to IT security, government agencies around the world are aware of the challenges and risks small and medium-sized enterprises (SMEs) face. So it only figures that they offer help, in the form of initiatives aimed specifically at SMEs.

Comments  (0)

306708aaf995cf6a77d3083885b60907

FireEye Reveals APT30: A Decade-Long Cyber Espionage Campaign Targeting South East Asia

April 12, 2015 Added by:Mike Lennon

FireEye on Sunday uncovered details of a decade-long cyber espionage campaign carried out by China targeting governments, journalists and businesses in South East Asia and India.

Comments  (0)

6a71825dbf6d876764b845e0fd664e0b

Cybersecurity Trends for SMBs: Mobile, Security and the Cloud

April 10, 2015 Added by:Paul Lipman

While SMBs are vulnerable to many of the same types of attacks as the companies making headlines (Target, JP Morgan, Home Depot, Anthem, etc.), they must defend themselves with vastly smaller IT teams and budgets. SMBs are finding they have a unique set of challenges and vulnerabilities that require a comprehensive but tailored approach to security.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Majority of Apps Have Serious Security Issues

April 09, 2015 Added by:Anthony M. Freed

Analysis in the newly released 2015 Cyber Risk Report finds that 86% of web applications tested had serious issues with authentication, access control, and confidentiality, an increase over the previous year’s rate of 72%.

Comments  (0)


« First < Previous | 4 - 5 - 6 - 7 - 8 | Next > Last »