Network Access Control
February 17, 2015 Added by:Brian Prince
According to a survey of 1,000 consumers by ResearchNow, a third of the IT professionals and administrators said they had downloaded an application they were not authorized to use on a corporate device in order to do their job.
February 17, 2015 Added by:Anthony M. Freed
ISACA has released a new guide for organizations concerned about the impact of The Internet of Everything (IOT) on business operations, addressing the potential value and the associated risks involved with expanded connectivity.
February 12, 2015 Added by:Brian Prince
In 2014, while several major companies were coping with breaches of their PoS infrastructure, many smaller retailers were facing the same threat from less-organized groups.
Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams
February 09, 2015 Added by:Thu Pham
If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.
February 09, 2015 Added by:Joe Weiss
There is still minimal identification of, much less, “connecting the dots” on ICS cyber incidents.
February 09, 2015 Added by:Or Katz
In this entry, we’ll also describe how to effectively mitigate future app-layer DDoS attacks by performing a retrospective analysis of an already executed attack.
February 05, 2015 Added by:Kevin Watson
This breach highlights that data security is not an issue limited to those processing credit cards. Businesses of all types must think of the type of information stored in their systems and realize they are only as secure as their weakest system.
February 05, 2015 Added by:Brent Huston
The mission was simple, obtain either a file that listed more than 100 of their key suppliers, or obtain credentials and successfully logon to their internal supply system from an account that could obtain such a file.
February 04, 2015 Added by:Anton Chuvakin
So, it may seem that there is now a BUILD vs BUY choice…but is there?!
February 04, 2015 Added by:Pierluigi Paganini
A new critical cross-site scripting (XSS) vulnerability affects fully patched versions of Internet Explorer. The flaw could be exploited by hackers to steal user sensitive data (i.e. login credentials) and inject malicious content into browsing sessions.
January 27, 2015 Added by:Anton Chuvakin
Now that I’ve taken a fair number of “security analytics” client inquiries (with wildly different meanings of the phase), I can share one emerging pattern: a lot of this newly-found “analytics love” is really old “SIEM hatred” in disguise.
January 26, 2015 Added by:Wallace Sann
Federal agencies need to become more proactive and aggressive in protecting their biggest assets – their data.
Health Insurance Firmly in the Crosshairs... milk tran on 03-25-2015
You Make the Rules ... milk tran on 03-25-2015
Stop Relying on IP-based Security Before My ... milk tran on 03-25-2015