SCADA

6d117b57d55f63febe392e40a478011f

ISACA Addresses IoT Risk Management

February 17, 2015 Added by:Anthony M. Freed

ISACA has released a new guide for organizations concerned about the impact of The Internet of Everything (IOT) on business operations, addressing the potential value and the associated risks involved with expanded connectivity.

Comments  (1)

0ead717779244d9aab5c1699308850d2

PoS Malware Kits Rose in Underground in 2014: Report

February 12, 2015 Added by:Brian Prince

In 2014, while several major companies were coping with breaches of their PoS infrastructure, many smaller retailers were facing the same threat from less-organized groups.

Comments  (5)

507c8b7b935d89fb00bab0609b37de42

Poor SIEM – Why Do We Doom You to Fail?

February 10, 2015 Added by:Robert Eslinger

Some say the current SIEM status quo provides no value and must evolve if it’s to survive. But I believe these views stem from a fundamental misunderstanding of what SIEM does (or should do).

Comments  (2)

Ebb72d4bfba370aecb29bc7519c9dac2

Security Analytics Lessons Learned — and Ignored!

February 10, 2015 Added by:Anton Chuvakin

As I was finishing the most excellent book “Data-Driven Security: Analysis, Visualization and Dashboards“ (see book site also), one paragraph jumped out and bit me in the face – ouch!

Comments  (3)

F45df53d99605d46f5ae32b7bed9fe22

Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams

February 09, 2015 Added by:Thu Pham

If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.

Comments  (3)

Fc152e73692bc3c934d248f639d9e963

SSL is Officially Declared Dead

February 09, 2015 Added by:PCI Guru

Not that this should be a surprise to any QSA as the POODLE vulnerability effectively killed SSL. The Council has now officially announced that SSL is no longer deemed to be strong cryptography.

Comments  (3)

201d6e4b7cd0350a1a9ef6e856e28341

ACTUAL Domestic and International ICS Cyber Incidents From Common Causes

February 09, 2015 Added by:Joe Weiss

There is still minimal identification of, much less, “connecting the dots” on ICS cyber incidents.

Comments  (3)

8eb7be5a13cc39a3e56b78aba08b2039

Fighting Advanced Persistent Threat DDoS Using A Pro-Active Defense Approach

February 09, 2015 Added by:Or Katz

In this entry, we’ll also describe how to effectively mitigate future app-layer DDoS attacks by performing a retrospective analysis of an already executed attack.

Comments  (0)

60dcc0d0012f3056175c01d54c2e1722

Anthem Breach: 5 Preventive Steps to Protect Businesses Against Electronic Data Theft

February 05, 2015 Added by:Kevin Watson

This breach highlights that data security is not an issue limited to those processing credit cards. Businesses of all types must think of the type of information stored in their systems and realize they are only as secure as their weakest system.

Comments  (5)

E595c1d49bf4a26f8e14ce59812af80e

White House Turns Attention to Cybersecurity

February 05, 2015 Added by:Patrick Oliver Graf

Cyberattackers and hackers operate in the shadows, lurking away from where conventional law enforcement can easily identify and investigate them. They prefer secrecy and anonymity.

Comments  (3)

E313765e3bec84b2852c1c758f7244b6

Social Media Targeting: A Cautionary Tale

February 05, 2015 Added by:Brent Huston

The mission was simple, obtain either a file that listed more than 100 of their key suppliers, or obtain credentials and successfully logon to their internal supply system from an account that could obtain such a file.

Comments  (5)

Ebb72d4bfba370aecb29bc7519c9dac2

Security Analytics: Projects vs Boxes (Build vs Buy)?

February 04, 2015 Added by:Anton Chuvakin

So, it may seem that there is now a BUILD vs BUY choice…but is there?!

Comments  (4)

03b2ceb73723f8b53cd533e4fba898ee

Severe XSS Flaw Affects Fully Patched Internet Explorer

February 04, 2015 Added by:Pierluigi Paganini

A new critical cross-site scripting (XSS) vulnerability affects fully patched versions of Internet Explorer. The flaw could be exploited by hackers to steal user sensitive data (i.e. login credentials) and inject malicious content into browsing sessions.

Comments  (3)

Ebb72d4bfba370aecb29bc7519c9dac2

Do You Want “Security Analytics” Or Do You Just Hate Your SIEM?

January 27, 2015 Added by:Anton Chuvakin

Now that I’ve taken a fair number of “security analytics” client inquiries (with wildly different meanings of the phase), I can share one emerging pattern: a lot of this newly-found “analytics love” is really old “SIEM hatred” in disguise.

Comments  (3)

Bf90bc151725ec2111a693c0d7eb0858

Stealth Mode: Lying in Wait Inside the White House’s Network

January 26, 2015 Added by:Wallace Sann

Federal agencies need to become more proactive and aggressive in protecting their biggest assets – their data.

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

Dark Technology: Are You (Unknowingly) Putting Your Organization At Risk?

January 21, 2015 Added by:Tripwire Inc

As we go about our daily lives, we are leaving subliminal digital traces behind us from our logical footprint.

Comments  (3)

Page « < 1 - 2 - 3 - 4 - 5 > »