Network Access Control
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
May 09, 2013 Added by:Michael Fornal
A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.
May 07, 2013 Added by:Jarno Limnéll
In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed. After preparations it takes only seconds to conduct the attack which may hit targets next door as well as those on the other side of the world.
April 05, 2013 Added by:Simon Moffatt
As the devices becomes smarter, greater emphasis is placed on the data and services those devices access. Smartphones today come with a healthy array of encryption features, remote backup, remote data syncing for things like contacts, pictures and music, as well device syncing software like Dropbox. How much data is actually specifically related to the device?
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
February 21, 2013 Added by:Krypt3ia
I believe that Mandiant published the APT1 report primarily as a means of advertising and not much else. There is talk of the release being given the tacit nod by the government to push through the idea that there is a problem and that China is robbing us blind.
February 18, 2013 Added by:Steve Ragan
Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these...
February 11, 2013 Added by:Steve Ragan
If you need a one off example this week of why internal policies are important, or why failure to adhere to them could spell trouble, look no further than Bit9.
February 11, 2013 Added by:Infosec Island
Dark space is everywhere – it’s a major challenge to security teams everywhere. The good news is the problem can be solved, and complete coverage can be achieved.
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
February 01, 2013 Added by:Eric Byres
You see, every January I get asked to make between three and five predictions for the upcoming year. Then every December people remind me that I made those predictions 12 months ago. Then they get to tell me how poorly I did.
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
January 31, 2013 Added by:Don Eijndhoven
Cyber Ranges as these networks are now often referred to, are fun! And they’re extremely useful in developing real-world skills without disappearing behind bars. It’s not even a new idea; various militaries have been doing it for a while now...
January 29, 2013 Added by:Infosec Island
Researchers at Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013