Network Access Control
June 17, 2015 Added by:Anton Chuvakin
A reminder: cloud SIEM (“SaaS SIEM”) does not really exist yet [so, those who compute market share numbers for it are simply deluded]. However, today there are some “almost SaaS SIEM” products on the market and I wanted to quickly mention them here, as a part of my current cloud security monitoring research.
June 17, 2015 Added by:Joe Weiss
The lack of focus on the Level 1 devices has been a constant with most critical infrastructure protection articles, conferences, and personal discussions regardless of industry. Consequently, there is a need to better understand the security issues associated with these critical devices.
June 16, 2015 Added by:Eduard Kovacs
Chinese authorities are leveraging watering hole attacks and JSONP hijacking techniques to track down users who might attempt to hide their identity online, according to unified security management and threat intelligence company AlienVault.
June 11, 2015 Added by:Brian Prince
It's not just hype - point-of-sale (PoS) systems are being compromised more than ever, and much of the blame falls on mistakes surrounding remote access.
June 10, 2015 Added by:Brent Huston
More and more computer devices are designed to act like they are people, not machines.
June 08, 2015 Added by:Rebecca Herold
Over the years in the security classes I’ve taught, I’ve covered the importance of program change control management, and I wanted to continue the discussion here because as important as it is, it typically does not get the attention it deserves in most organizations.
June 03, 2015 Added by:Patrick Oliver Graf
These days, you need a password to access every aspect of your digital life, and we all know how problematic that can be.
June 02, 2015 Added by:Brian Prince
Bots are busy little bees on the Internet, and the world of mobile computing may be their next frontier.
June 02, 2015 Added by:Anton Chuvakin
What it all means is that you are buying on faith. There is nothing wrong with it, by the way, but it is useful to be honest about it…
June 01, 2015 Added by:Eduard Kovacs
Kaspersky Lab has published a report detailing the botnet-assisted distributed denial-of-service (DDoS) attacks launched by malicious actors in the first quarter of 2015.
June 01, 2015 Added by:Tripwire Inc
We must also keep a clear mind on one important fact: to acquire what can be dynamic and intangible, and time sensitive artifacts in the early stages of an investigation presents of highest opportunity of success.
June 01, 2015 Added by:Joe Weiss
One of the most important aspects in addressing ICS cyber security is the concept of “systems of systems”.
May 28, 2015 Added by:Anthony M. Freed
The Institute of Electrical and Electronics Engineers (IEEE) has taken the lead in medical device security standards with the release of Building Code for Medical Device Software Security, a set of guidelines to encourage companies to establish a secure baseline for medical software development and production practices.
May 27, 2015 Added by:Peter Zavlaris
This year’s Verizon Data Breach Investigations Report (VDBIR) added a new category to its VERIS (Vocabulary for Event Recording and Incident Sharing) to track attacks with “secondary” motives.
May 27, 2015 Added by:Patrick Oliver Graf
So, should network administrators consider tapping into MSPs for network security in our current environment? The core issue is a common one in network security – convenience vs. security.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015