April 21, 2014 Added by:Tripwire Inc
Put simply, your attack surface is the sum of your security risk exposure. Put another way, it is the aggregate of all known, unknown and potential vulnerabilities and controls across all software, hardware, firmware and networks.
April 14, 2014 Added by:Electronic Frontier Foundation
New documents released by the FBI show that the Bureau is well on its way toward its goal of a fully operational face recognition database by this summer.
April 08, 2014 Added by:Ranjeet Vidwans
Identity and Access Management is as much about process as it is technology.
April 01, 2014 Added by:Tal Be'ery
One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...
March 13, 2014 Added by:Vince Kornacki
TCPDUMP is extremely useful for monitoring network traffic when debugging applications and performing penetration tests. Unfortunately Android mobile devices do not include the TCPDUMP program. However, do not despair.
March 04, 2014 Added by:Pierluigi Paganini
Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru.
February 27, 2014 Added by:Electronic Frontier Foundation
A bill co-sponsored by Reps. Kevin Yoder, Tom Graves, and Jared Polis—HR 1852, The Email Privacy Act—seeks to update ECPA by requiring a probable cause warrant whenever the government wants to access your online private messages.
February 19, 2014 Added by:Anton Chuvakin
One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.
February 18, 2014 Added by:Anton Chuvakin
Sure, I admire the ability of attackers to find all the opportunities for amplification DDoS. DNS – check, NTP – check, SNMP – pending… However, I definitely can not hold the the same admiration for the “defenders” (if they can be called that) who still allow spoofed packets to leave their networks.
February 17, 2014 Added by:Brent Huston
There is no easier way to shut down the interest of a network security or IT administrator than to say the word "monitoring." You can just mention the word and their faces fall as if a rancid odor had suddenly entered the room! And I can’t say that I blame them.
February 03, 2014 Added by:Rob Fuller
There are some great discussions on the NoVA Hackers mailing list. One such discussion was about what the best way to do dns hostname brute forcing was and which tool is better than another. For me, I just use the command line and then parse the results (or just ask the deepmagic.com database ;–)
January 28, 2014 Added by:Patrick Oliver Graf
The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices resulting in the workplace itself becoming increasingly flexible.
Is User Experience Part of Your Security Pla... Allan Pratt, MBA on 04-17-2014
On Secure and Agile Collaboration... Kylie Wilson on 04-17-2014
Achieving Code Compliance in an Agile Enviro... Kylie Wilson on 04-17-2014