May 19, 2015 Added by:Anthony M. Freed
A new study based on the assessment of hundreds of SAP implementations found that over 95% of SAP systems were exposed to vulnerabilities that could lead to full compromise of an organization’s critical data.
May 06, 2015 Added by:Steve Durbin
Organizations function in a progressively cyber-enabled world today and traditional risk management isn’t nimble enough to deal with the risks from activity in cyberspace. Enterprise risk management needs to be extended to create risk resilience, built on a foundation of preparedness.
May 06, 2015 Added by:Paul Lipman
Today’s cyber criminals are more aggressive than ever before in their quest to achieve financial gains through hacking. With that being said, it should come as no surprise that our nation's schools are a prime target for such attacks. In this article, iSheriff CEO Paul Lipman highlights the five actions that can be taken to upgrade cyber security practices.
April 10, 2015 Added by:Paul Lipman
While SMBs are vulnerable to many of the same types of attacks as the companies making headlines (Target, JP Morgan, Home Depot, Anthem, etc.), they must defend themselves with vastly smaller IT teams and budgets. SMBs are finding they have a unique set of challenges and vulnerabilities that require a comprehensive but tailored approach to security.
The Government Says It Has a Policy on Disclosing Zero-Days, But Where Are the Documents to Prove It?
March 30, 2015 Added by:Electronic Frontier Foundation
Despite the White House’s claim that it had “reinvigorated” its policies in spring 2014 and “established a disciplined, rigorous and high-level decision-making process for vulnerability disclosure,” none of the documents released in response to our lawsuit appear to be newer than 2010.
March 23, 2015 Added by:Anthony M. Freed
In yet another case that underscores the risks involved with employee mobile devices, a new study reveals that the average large enterprise has approximately 2,400 unsafe applications installed in its mobile environment.
March 19, 2015 Added by:Steve Durbin
The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of today’s most trusted organizations. Attackers have become more organized, attacks are more refined, and all threats are more dangerous, and pose more risks, to an organization’s reputation than ever before.
March 13, 2015 Added by:Nimrod Luria
Eliminating defacement attacks on a WordPress site is extremely difficult because of the vulnerable nature of the platform. Administrators should continuously check for the appearance of unknown files and directories and monitor them for changes.
EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation
March 05, 2015 Added by:Electronic Frontier Foundation
EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).
Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams
February 09, 2015 Added by:Thu Pham
If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.
February 02, 2015 Added by:Rebecca Herold
I know people use and love the wearable fitness devices and credit them with helping them to get into better shape. However, consumers concerned about privacy want to know about all the data the devices are collecting, along with how it is being used and shared, before using the devices.
January 15, 2015 Added by:Electronic Frontier Foundation
Verizon advertising partner Turn has been caught using Verizon Wireless's UIDH tracking header to resurrect deleted tracking cookies and share them with dozens of major websites and ad networks, forming a vast web of non-consensual online tracking.
January 05, 2015 Added by:Paul Lipman
The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. This will vastly enhance the Chief Information Security Officer's (CISO’s) visibility and ultimately deliver substantial improvements in the robustness of the overall security posture.
Hacker to Release Symantec's PCAnywhere Sour... Kajal Singh on 04-21-2015
Financial Malware Fell in 2014 As Takedown O... Kajal Singh on 04-21-2015
Weaknesses in Air Traffic Control Systems ar... Kajal Singh on 04-21-2015