Latest Blog Posts

Ebb72d4bfba370aecb29bc7519c9dac2

Now That We Have All That Data What Do We Do, Revisited

March 11, 2015 Added by:Anton Chuvakin

We have SO much security data, how do we make sense of it?

Comments  (0)

93c815429fc1ab15a9295a4f55989ae0

Decide What Starts Automatically On Your PC

March 10, 2015 Added by:Neohapsis

The old advice to disable the auto-play function in Windows is new again, so take a moment and go to Control Panel – AutoPlay and either change the AutoPlay options to “Take no action,” or disable the feature completely.

Comments  (2)

B8db824b8b275afb1f4160f03cd3f733

Software Stockholm Syndrome

March 10, 2015 Added by:Jack Daniel

I don’t have a cure for Software Stockholm Syndrome, but as with many problems awareness is the first step to recovery.

Comments  (4)

Fc152e73692bc3c934d248f639d9e963

An Audit Versus an Assessment

March 10, 2015 Added by:PCI Guru

A lot of people are always calling their PCI assessment an audit. However, certified public accountants (CPA) would tell them that there is a vast difference between the two.

Comments  (1)

00952df30217238f014249cc730f600d

GoDaddy is Just One of the Dominoes That Doesn't Have to Fall

March 10, 2015 Added by:Yair Grindlinger

Cloud security is the responsibility of the enterprise.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Cyber Insurance: Managing the Risk

March 09, 2015 Added by:Tripwire Inc

Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations – but what actually is it?

Comments  (5)

Ebb72d4bfba370aecb29bc7519c9dac2

Who Validates Alerts Validated by Your Alert Validator Software?

March 09, 2015 Added by:Anton Chuvakin

Pardon the idiotic title, but some recent discussions around security analytics have made this question practically relevant.

Comments  (4)

201d6e4b7cd0350a1a9ef6e856e28341

Observations From Advisen Cyber Risk Conference March 3rd in San Francisco

March 09, 2015 Added by:Joe Weiss

The Conference was focused on data breach with heavy emphasis on recent large data breaches such as Anthem, Sony, Target, etc.

Comments  (4)

0ead717779244d9aab5c1699308850d2

Financial Malware Fell in 2014 As Takedown Operations Have Impact

March 05, 2015 Added by:Brian Prince

One takedown at a time, security researchers and law enforcement were able to make a dent in financial cyber-crime last year.

Comments  (15)

6d117b57d55f63febe392e40a478011f

Resource Scarcity Plaguing Security Programs

March 05, 2015 Added by:Anthony M. Freed

A new study reveals that two-thirds of IT leaders across a broad range of industry verticals believe they lack the resources required to support a robust security program in the face of escalating security threats.

Comments  (10)

Bd07d58f0d31d48d3764821d109bf165

The ‘ABC’ of the ‘APT’

March 05, 2015 Added by:Tripwire Inc

The term APT (Advanced Persistent Threat), like many other acronyms in the world of IT/Information/Cyber Security entered our vocabulary some years ago, along with other partnering phrases, such as Advanced Evasion Techniques (AET), which at the time took the headlines as something new.

Comments  (5)

7ddc1f3000a13e4dfec28074e9e7b658

EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation

March 05, 2015 Added by:Electronic Frontier Foundation

EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).

Comments  (6)

Ffc4103a877b409fd8d6da8f854f617e

Suits and Spooks London: Register Now for Early Bird Rate

March 04, 2015 Added by:InfosecIsland News

Suits and Spooks London 2015 will be our first 2-day international event, and is jointly produced with techUK, an association of over 850 companies that's funded by the British government.

Comments  (3)

Af7244bb99debb4a1152fa49a993a05c

Angler Exploit Kit Uses Domain Shadowing to Evade Detection

March 04, 2015 Added by:Eduard Kovacs

The notorious Angler exploit kit has started leveraging a new technique to ensure that its malicious activities are not interrupted when the domains it uses are blacklisted, researchers at Cisco revealed on Tuesday.

Comments  (5)

Bd07d58f0d31d48d3764821d109bf165

Is Compliance Bad for Security?

March 04, 2015 Added by:Tripwire Inc

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true.

Comments  (3)

E313765e3bec84b2852c1c758f7244b6

Malware Can Hide in a LOT of Places

March 04, 2015 Added by:Brent Huston

This article about research showing how malware could be hidden in Blu-Ray disks should serve as a reminder to us all that a lot of those “smart” and “Internet-enabled” devices we are buying can also be a risk to our information.

Comments  (4)


« First < Previous | 4 - 5 - 6 - 7 - 8 | Next > Last »