February 19, 2014 Added by:Anton Chuvakin
One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.
February 18, 2014 Added by:Anton Chuvakin
Sure, I admire the ability of attackers to find all the opportunities for amplification DDoS. DNS – check, NTP – check, SNMP – pending… However, I definitely can not hold the the same admiration for the “defenders” (if they can be called that) who still allow spoofed packets to leave their networks.
February 17, 2014 Added by:Brent Huston
There is no easier way to shut down the interest of a network security or IT administrator than to say the word "monitoring." You can just mention the word and their faces fall as if a rancid odor had suddenly entered the room! And I can’t say that I blame them.
February 03, 2014 Added by:Rob Fuller
There are some great discussions on the NoVA Hackers mailing list. One such discussion was about what the best way to do dns hostname brute forcing was and which tool is better than another. For me, I just use the command line and then parse the results (or just ask the deepmagic.com database ;–)
January 27, 2014 Added by:Electronic Frontier Foundation
Some people have condemned last week’s court decision to reject the bulk of the Federal Communications Commission’s (FCC) Open Internet Order as a threat to Internet innovation and openness. Others hailed it as a victory against dangerous government regulation of the Internet. Paradoxically, there is a lot of truth to both of these claims.
January 27, 2014 Added by:Anthony M. Freed
The attackers used a spear-phishing email designed to look like it was sent by the country’s Shin Bet secret security service which contained a malicious attachment that infected the systems with the Xtreme RAT software, a remote access tool.
January 27, 2014 Added by:Brent Huston
BIA (business impact analysis) is traditionally seen as part of the business continuity process. It helps organizations recognize and prioritize which information, hardware and personnel assets are crucial to the business so that proper planning for contingency situations can be undertaken.
December 21, 2013 Added by:InfoSec Institute
Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.
December 11, 2013 Added by:Anthony M. Freed
Given the pace that both government and the private sector are migrating mission-critical operations to managed service providers, should NIST take steps to identify Cloud-based offerings as part of the nation’s critical infrastructure?
November 13, 2013 Added by:InfosecIsland News
Tripwire unveiled the results of a study comparing risk-based security management in the industrial sector to that of other industries.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
November 07, 2013 Added by:Eric Byres
If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.
October 24, 2013 Added by:Rafal Los
After what appears to be decades of systematically ignoring security challenges, the recent climate of breaches seems to have shaken something loose. Purse strings have loosened. Boards have begun to ask security questions when they have never done so before. And most of all, I'm seeing several organizations formally hiring CISOs and giving them both accountability and control over the security fu...
White House Website Includes Unique Non-Cook... makejoh makejoh on 07-28-2014
EBS Encryption: Enhancing the Amazon Web Ser... makejoh makejoh on 07-28-2014
Security and the Internet of Things... makejoh makejoh on 07-28-2014