CVE
Embracing Cyber Resilience in Today's Cyber-Enabled World
May 06, 2015 Added by:Steve Durbin
Organizations function in a progressively cyber-enabled world today and traditional risk management isn’t nimble enough to deal with the risks from activity in cyberspace. Enterprise risk management needs to be extended to create risk resilience, built on a foundation of preparedness.
Comments (0)
5 Ways Schools Can Upgrade Cyber Security
May 06, 2015 Added by:Paul Lipman
Today’s cyber criminals are more aggressive than ever before in their quest to achieve financial gains through hacking. With that being said, it should come as no surprise that our nation's schools are a prime target for such attacks. In this article, iSheriff CEO Paul Lipman highlights the five actions that can be taken to upgrade cyber security practices.
Comments (0)
Serious Security Flaws Found in Hospira LifeCare Drug Pumps
May 06, 2015 Added by:Eduard Kovacs
Researchers have identified several critical vulnerabilities in Hospira LifeCare patient-controlled analgesia (PCA) infusion systems, which can be exploited by a remote attacker to take complete control of affected devices.
Comments (0)
Scenario-based Training for Nuclear Power Plants Based on Actual Nuclear Plant Cyber Incidents
May 06, 2015 Added by:Joe Weiss
There have been more than 500 actual control system cyber incidents globally in multiple industries. The impacts have ranged from trivial to significant environmental releases to significant equipment damage to major cyber-related outages to deaths. Most of the incidents were not malicious and the vast majority were not identified as cyber.
Comments (0)
Flaws in WordPress eCommerce Plugin Expose Over 5,000 Websites
April 30, 2015 Added by:Eduard Kovacs
Researchers at High-Tech Bridge have identified several vulnerabilities in TheCartPress, an eCommerce plugin installed on more than 5,000 WordPress websites.
Comments (0)
The Cost of a Non-Malicious Control System Cyber Incident – More Than $1Billion
April 14, 2015 Added by:Joe Weiss
There is a tendency by many in the cyber security community to only care about malicious cyber attacks as opposed to unintentional cyber incidents.
Comments (0)
Cybersecurity Trends for SMBs: Mobile, Security and the Cloud
April 10, 2015 Added by:Paul Lipman
While SMBs are vulnerable to many of the same types of attacks as the companies making headlines (Target, JP Morgan, Home Depot, Anthem, etc.), they must defend themselves with vastly smaller IT teams and budgets. SMBs are finding they have a unique set of challenges and vulnerabilities that require a comprehensive but tailored approach to security.
Comments (0)
It's Time to Change the Way We Think About the Internet
April 09, 2015 Added by:Peter Zavlaris
The current problem, however, is that while IT has scaled and made tremendous advancements over the last decade, security continues to lag behind.
Comments (0)
Control System Cyber Incidents and Why They are so Often Overlooked
April 09, 2015 Added by:Joe Weiss
Cyber security is now a very hot subject. However, the discussions are about IT cyber security and data breaches not control system cyber security and equipment damage.
Comments (0)
ICS Cyber Incidents – What Relevant Information Actually Exists?
April 02, 2015 Added by:Joe Weiss
There is a need to use the knowledge from previous control system cyber incidents when developing cyber forensics and monitoring technologies, cyber security technologies, training, and to adjust requirements such as the NERC CIPs, Regulatory Guide 5.71/NEI-0809, and CFATS to address what has actually been happening.
Comments (0)
Compromised WordPress Sites Launch Drive-by Attacks Off Pirate Bay Clone
April 01, 2015 Added by:Malwarebytes
WordPress, the leading Content Management System, is one of cyber criminals’ favourite target when it comes to hacking websites.
Comments (0)
Should Infosec Professionals Hack To Understand the Mind of the Attacker?
March 31, 2015 Added by:Tripwire Inc
To anticipate where and how an attacker might strike next, security professionals are realizing the importance of being able to understand the mind of the attacker and what they value in a target.
Comments (0)
The Government Says It Has a Policy on Disclosing Zero-Days, But Where Are the Documents to Prove It?
March 30, 2015 Added by:Electronic Frontier Foundation
Despite the White House’s claim that it had “reinvigorated” its policies in spring 2014 and “established a disciplined, rigorous and high-level decision-making process for vulnerability disclosure,” none of the documents released in response to our lawsuit appear to be newer than 2010.
Comments (0)
Health Insurance Firmly in the Crosshairs
March 23, 2015 Added by:Peter Zavlaris
Premera Blue Cross is the latest victim of what appears to be a long-term APT perpetrated by China. Between CHS, Anthem and now Premera Blue Cross, it’s now safe to say health insurance is firmly in the cross hairs of powerful nation state actors.
Comments (0)
Crouching Yeti APT Actor Still Targeting Industrial Sectors: Kaspersky
March 18, 2015 Added by:Eduard Kovacs
The threat actor group known as Crouching Yeti, Energetic Bear and Dragonfly continues to target organizations across the world. However, experts believe the group has switched targets and infrastructure.
Comments (0)
Taking Advantage of Critical Infrastructure Cybersecurity
March 18, 2015 Added by:Tripwire Inc
A key aspect of President Obama’s information sharing acts have been designed to encourage threat sharing to help protect the organizations and networks involved in critical infrastructure. However, while there are many advancements that still need to be made, there are strengths these networks have that can give defenders a strong footing.
Comments (0)
- Most SMBs Not Equipped to Handle Security Concerns: Study
- Cryptojacking – More than a Nuisance, It Poses a Serious Threat to Data Centers
- Changing Security Behaviors Via a Top Down Approach
- Amnesty International Targeted with NSO Group Spyware
- Plug Your Cloud Cybersecurity Holes
- Criminal Cyberattacks Are Up. Can Automated Security Help Bring Them Down?
- U.S. Now Leads by Number of DDoS Botnet C&C Servers
- Singapore Health Database Hit by 'Major' Cyberattack
- Q3 Oracle CPU Preview: Fewer Java SE Patches May Not Mean Fewer Flaws
- Memory Protection beyond the Endpoint