December 24, 2014 Added by:Brian Prince
A server that lacked two-factor authentication was the gateway hackers used to breach JPMorgan Chase this year, according to a report.
December 24, 2014 Added by:Tripwire Inc
In previous posts, we’ve discussed using refrigerators as literal bombs launched by catapults and fridges used as bots to execute denial-of-service attacks against hapless networks. But now, all that is small potatoes when you think about the rapid push towards the creation of the Internet of Things.
December 23, 2014 Added by:Patrick Oliver Graf
Almost one year ago to the day, the “most wonderful time of the year” became anything but for millions of Americans when news of the Target data breach broke. Not only did that attack force us all to think twice about how our digital information is managed, it forever changed the network security landscape and put IT administrators in a perpetual state of high alert.
December 17, 2014 Added by:Pierluigi Paganini
The flaw resides in the authorization system in Linux which allows privilege escalation through the wheel.
December 15, 2014 Added by:Rebecca Herold
In addition to many really huge organizations, I’ve worked with hundreds of small to midsize businesses over the years. I’ve seen a large portion of the small to midsize organizations completely omitting not just one, but two and in many situations all three of these core elements.
December 11, 2014 Added by:Electronic Frontier Foundation
As many privacy advocates have pointed out recently, it looks like some people in the federal government are intent on reviving the failed Crypto Wars of the 90s.
December 10, 2014 Added by:Tripwire Inc
Although vendors of tools that were vulnerable to the flaw quickly fixed their systems to rely on TLS vs SSL v3, a problem still exists due to TLS padding being a subset of SSLv3’s so that decoding functions for SSLv3 can be used with TLS, as well.
December 10, 2014 Added by:Pierluigi Paganini
GOP released a new archive of Sony Pictures Entertainment confidential data including private information of employees, celebrity phone numbers, film scripts and many more.
December 09, 2014 Added by:Patrick Oliver Graf
Much to the dismay of network administrators, IT security today is complex and multi-faceted, from the varied attack vectors to the different types of attackers themselves. But there is always one constant: the endpoint.
December 05, 2014 Added by:Paul Lipman
The cloud has been widely hailed as the most disruptive force in modern business. Indeed, the world is in the midst of fundamentally profound transformations, enabled by the cloud, in the ways in which we access and interact with data and applications. Unfortunately, the security industry has not kept pace with these transformational trends, necessitating an equally profound change in the way we s...
December 04, 2014 Added by:Thu Pham
The average total cost of a data breach increased 15 percent in 2014 to $3.5 million, this according to the Ponemon Institute’s 2014 Cost of Data Breach Study: Global Analysis. But how does that average vary from industry to industry, each with different types of consumer information and different data regulations?
December 04, 2014 Added by:Joe Weiss
This is not an “I told you so” note. It is a note expressing concern that our critical infrastructure organizations such as NERC, FERC, NRC, NEI, AWWA, and others do not appear to be taking this threat seriously.
December 04, 2014 Added by:Electronic Frontier Foundation
Following recent reports in the Wall Street Journal and Ars Technica, there’s been new interest in the government’s use of a relatively obscure law, the All Writs Act.
December 03, 2014 Added by:Steve Durbin
Despite the undeniable corporate and consumer interest, the security and privacy implications of cloud and mobile connected devices are concerning many security professionals. Countless organizations are still playing catch up – Bring Your Own Device (BYOD) polices are only starting to be embedded, reviewed and updated. IT departments are overwhelmed with the amount of devices entering the workp...
December 03, 2014 Added by:Patrick Oliver Graf
In this “post-privacy” era, network administrators need to understand cyber threats against them, inside and out, in order to set up the strongest defenses.
December 02, 2014 Added by:Pierluigi Paganini
According to the Reuters Agency, the malicious code described in the alert could be the attack vector used by threat actors in the incident occurred to the Sony Pictures.
Wanna Buy Some Dumps?... chip socola on 01-27-2015
Join the Security Intelligence Network on Li... Robin Joan on 01-27-2015
Steps Toward Weaponizing the Android Platfor... Robin Joan on 01-27-2015