February 19, 2013 Added by:Mike Lennon
In a fascinating, unprecedented, and statistics-packed report, security firm Mandiant made direct allegations and exposed a multi-year, massive cyber espionage campaign that they say with confidence is the work of China.
February 14, 2013 Added by:Mike Lennon
The exploits have been seen in extremely targeted attacks against high profile targets, and are a sophisticated effort that appear to be the first to successfully escape Adobe’s “protected mode” sandbox. Make no mistake about it; this attack is serious business and not the work of amateurs.
February 12, 2013 Added by:Robert Siciliano
Sometimes it’s the worst things that can happen that become the eye-opening best things that effect positive change. The year 2012 saw numerous high-profile data breaches, epic hacks, full-on hacktivism and lots of major identity theft ring busts.
February 11, 2013 Added by:Brandon Knight
In the third, and last, installment in the Mobile App Security Series, we will be taking a look at some common flaws found in the way that mobile apps, or more accurately, the backend services which support them, perform authentication.
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
January 31, 2013 Added by:Infosec Island
The New York Times said it had fallen victim to hackers possibly connected to China's military, linking the sophisticated attacks to its expose of the vast wealth amassed by Premier Wen Jiabao's family.
January 31, 2013 Added by:Rafal Los
Before you tell me that risk classifications are important, water is wet, the sun is hot and ice is cold, I'd like to remind you how many enterprises still do it poorly. I almost wish it was a simple as data telling you it's critical or not, but let's face it the game is very rarely that simple...
January 31, 2013 Added by:Robert Siciliano
With all this invaluable data and information, and the growth in smartphones and tablets, it’s natural for criminal hackers to see these new devices as a huge opportunity, much like they did with the PC. So if you have a smartphone or tablet, make sure you take steps to protect yourself...
January 29, 2013 Added by:Infosec Island
Attacks can come from anywhere. Even more daunting is that not all malware is alike. Learn about battling advanced threats and the progressive strategies to battle malware from this new white paper.
January 29, 2013 Added by:Robert Siciliano
If you choose to use your personal device for employment purposes then your employer may take control over that device to protect themselves. In a company mobile liability policy, the employer often has remote capabilities to monitor activity and in the event of loss or employee termination wipe the data...
January 27, 2013 Added by:Tripwire Inc
One place I’ve actually seen effective information and practice sharing is through Information Sharing and Analysis Centers, or ISACs. These tend to be industry- or domain-specific groups that get together and share information about common concerns, challenges, and opportunities...
January 25, 2013 Added by:Bozidar Spirovski
Services are most vulnerable during change. Continuity of service needs to be ensured during change, and large portions of several ISO and BSI standards are focused on proper management of change. However well controlled, an incident can occur during the change, thus causing failure of service...
January 21, 2013 Added by:Wendy Nather
I was fascinated to read about the last year cancellation of the British Ruby conference due to the arguments that the speaker lineup lacked diversity. Other people have their own opinions on why we have this problem and what we should do about it...
January 17, 2013 Added by:Steven Fox, CISSP, QSA
Listening to bad brand statements is like sitting through a bad movie or comedy skit. Yes, I am among those who stand politely as a vendor tries to sell me something without bothering to determine what I actually care about. At least I get to learn about bad brand stories...
January 17, 2013 Added by:Rebecca Herold
There is a topic that has been coming up, over and over and over again over the past 12 years, that I’ve never seen addressed in other publications. What does your organization do with all the personal information you collect from job applicants? Consider a real situation I encountered around ten years ago...
January 16, 2013 Added by:Ed Bellis
Gene Kim was kind enough to provide me with an advanced review copy of The Phoenix Project who is a co-author of the book. Fair warning: the first half of this book brought back nails-on-a-chalkboard type memories of dealing with large-scale audits and everything that comes with it...
Student Pleads Guilty to Counterfeiting Coup... on 06-18-2013
Starting to Clean Up the Mess from PCAnywher... Peggy Patterson on 06-18-2013