Latest Blog Posts
The Five-Step Privilege Management Checklist for Financial Organizations
March 27, 2013 Added by:Paul Kenyon
Financial institutions sit at the top end of the scale for security and reputational risk, with their databases of customer information making them especially vulnerable to criminal interception and subject to regulatory obligations.
Comments (0)
SCADA and ICS Security Patching: The Good, the Bad and the Ugly
March 26, 2013 Added by:Eric Byres
Let's examine the good, the bad and the ugly details of patching as a means to secure SCADA and ICS systems. And to begin, let’s suppose patches could be installed without shutting down the process...
Comments (1)
On Iran and Pre-Emptive Cyber Attacks
March 26, 2013 Added by:Don Eijndhoven
Some say that the 'right to strike pre-emptively' is a warning shot across the bow of China, but it cannot be said that it is a timely revelation in any respect. After all, not having formally asserted this right to strike pre-emptively did not deter the cyber attack against Iran's nuclear enrichment facilities in Natanz
Comments (0)
Silky Paws Need Claws – The Problems of Defensive Cyberstrategies
March 25, 2013 Added by:Jarno Limnéll
For societies and armed forces there is today no credible defense without cyber capabilities. The cyber arms race has started, and its speed is accelerating. Nations and other entities are using online weapons, because they are thousands of times cheaper than conventional armaments.
Comments (1)
South Korean Attack & Malware Analysis
March 25, 2013 Added by:Tripwire Inc
From several samples of the malware and logs it has been found that the malware was designed to corrupt the Master Boot Record (MBR) as well as the Volume Boot Record (VMR). Once the corruption has taken place the system reboots leaving the system unusable as the MBR is missing .
Comments (0)
Chinese Whispers, Chinese Lies: Analyzing Mandiant's APT1 Report
March 25, 2013 Added by:Oliver Rochford
The foremost problem with the Mandiant report is that it relies on a view of China and the Chinese Cyber-Operations that has very little to do with situational conditions on the ground.
Comments (0)
Apple Makes Two Factor Authentication Available for Apple IDs
March 22, 2013 Added by:Mike Lennon
In an effort to increase security for user accounts, Apple on Thursday introduced a two-step verification option for Apple IDs.
Comments (0)
Email Security: It's Every Employee's Business
March 22, 2013 Added by:Allan Pratt, MBA
Email security has become part of the job description for every employee. All it takes is one employee to cause a breach that opens up the entire company.
Comments (0)
Security; The non-commodity
March 21, 2013 Added by:Oliver Rochford
In an enterprise environment, a computer comes preloaded with Antivirus. For businesses, this is of course a good thing. It has sadly also had some unintended consequences – mainly to be found in the perception and expectations that customers and end-users have developed because of the commoditization of antivirus.
Comments (2)
Under CISPA, Who Can Get Your Data?
March 21, 2013 Added by:Electronic Frontier Foundation
Under CISPA, companies can collect your information in order to "protect the rights and property" of the company, and then share that information with third parties, including the government, so long as it is for "cybersecurity purposes."
Comments (0)
Sun Tzu and the Art of Cyber-War
March 21, 2013 Added by:Krypt3ia
The overall tactics put forth by the Art of War are applicable because this is warfare we are talking about no matter the landscape (electronic) that we are fighting it in.
Comments (2)
The New Facebook Graph Search: How to Protect Your Privacy
March 21, 2013 Added by:Tom Eston
The Facebook Graph has evolved over the years in order to correlate as much information as possible, making it very easy to search. The issue is that anything you’ve ever posted publically, “Liked,” or were ever tagged in can be quickly searched. Here is how you can protect your privacy...
Comments (0)
Hardening Is Hard If You're Doing It Right
March 20, 2013 Added by:Ian Tibble
The early days of deciding what to do with the risk will be slow and difficult and there might even be some feisty exchanges, but eventually, addressing the risk becomes a mature, documented process that almost melts into the background hum of the machinery of a business.
Comments (0)
Conducting Secure Transactions On-the-go with VPNs
March 20, 2013 Added by:Patrick Oliver Graf
The safeguarding of private customer information has become a top priority for many organizations, thanks in no small part to government regulation and industry oversight, as we move toward an increasingly digital world.
Comments (0)
Phony Identities Result in $200 Million Fraud
March 20, 2013 Added by:Robert Siciliano
Recently, the FBI arrested 13 people in four states. Their crime? Allegedly creating thousands of phony identities with which to steal at least $200 million in one of the largest credit card fraud schemes ever charged by the Department of Justice.
Comments (0)
The Fight Against Secret Surveillance Law Continues: EFF Asks D.C. Circuit to Order Release of Secret Legal Opinion
March 19, 2013 Added by:Electronic Frontier Foundation
In a brief filed on Friday, EFF continued its fight against secret surveillance law, asking the D.C. Circuit Court of Appeals to order the release of a secret opinion of the Office of Legal Counsel (OLC).