Information Security


Office 365 Vulnerability Allowed Unauthorized Administrator Access

January 19, 2014 Added by:Anthony M. Freed

Security researcher Alan Byrne has disclosed a Cross Site Scripting (XSS) vulnerability in Microsoft Office 365 that would allow an attacker to obtain administrator privileges and access to the Email and SharePoint content across the network, as well as the ability to make configuration changes.

Comments  (0)


Dealing With Unrealistic Security Expectations from the Executive Office

January 18, 2014 Added by:Tripwire Inc

So, your CEO keeps hassling you about a “real” plan for securing the company’s technology. You have a plan, telling him “we have done a, b, c and we are going to do d,e,f next month – if you don’t cut our budget.” But he keeps asking for a “real” plan, otherwise he will cut the budget...

Comments  (0)


What the Snowden Leaks Can Teach Us About Data Security

November 14, 2013 Added by:Cam Roberson

One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...

Comments  (0)


Plugging Java’s Holes - Is There a Practical Fix?

September 18, 2013 Added by:Scott Petry

Developers love Java. But its security problems have gotten out of hand. Is there a practical fix?

Comments  (0)


Insider Steals Data of 2 Million Vodafone Germany Customers

September 12, 2013 Added by:Mike Lennon

Vodafone Germany said an attacker with insider knowledge had stolen the personal data of two million of its customers from a server located in Germany.

Comments  (0)


Today's Mobile Device Data Protection Must Go Beyond Encryption

August 21, 2013 Added by:Cam Roberson

Employers can be diligent in installing encryption protection software on the devices their employees use, but what happens if the password is compromised? Whenever the password is known, the laptop, smartphone or tablet is at no less security risk with encryption as it is without.

Comments  (50)


If you Knew you Were Going to be Attacked, What Would you do Differently?

August 14, 2013 Added by:Bill Wheeler

Recent reports have found that cyberattacks against U.S. corporations are on the rise, along with an increase in international threats, especially from China, and emerging threats to small businesses. Today, it’s not a matter of if an organization will be the victim of a cyberattack, but when.

Comments  (3)


CISOs Share Top 10 Tips for Managing IT Security Vendors

July 31, 2013 Added by:InfosecIsland News

Austin-based Wisegate has released a report that provides top 10 tips from leading CISOs to help IT professionals manage security vendors.

Comments  (0)


Why SQL Injection Still Plagues Us

July 23, 2013 Added by:Dan Kuykendall

Eliminating the risk of SQL injection is made complicated by a host of factors -- many of which are out of the developer and security teams’ control. If not addressed completely, web applications are still vulnerable. Let’s look at the problem from each team’s point of view.

Comments  (0)


Michael Santarcangelo on the Value Imperative Mindset in Security

July 12, 2013 Added by:Anthony M. Freed

To better understand how we as security professionals can hone our messaging across the organization and up the corporate food chain to elicit the responses we are seeking, we recently spoke at length with Michael Santarcangelo of Security Catalyst, widely recognized in the security field as an effective communicator and catalyst for change and improvement.

Comments  (0)


Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)


Webcast: Addressing the Open Doors in Your APT Strategy

July 10, 2013 Added by:InfosecIsland News

With APTs leveraging these weaknesses, it’s critical to have visibility and control of enterprise key and certificate inventories. Cyber criminals understand that the easy targets are those organizations that have little visibility into their threat surface and cannot respond quickly. We need to gain control over trust; we need to plug the gap related to key & certificate-based exploits. (Re...

Comments  (0)


Security Intelligence for the Enterprise - Part 2

July 02, 2013 Added by:Rafal Los

Very few companies are actively using security intelligence for better defense. What gives? This post will describe for you what I believe it means to extract value from security intelligence. And more important, why I believe three out of four enterprises are still failing to get that value.

Comments  (0)


What is Enough Security?

July 01, 2013 Added by:Jarno Limnéll

Enough security is not the same thing as absolute security. Absolute security does not exist. Thus, striving for an illusion hardly supports anyone’s core business.

Comments  (0)


FAQ: Why Are You So Negative About the State of the Security Industry

July 01, 2013 Added by:Brad Bemis

Why are you always so negative about the state of the security industry and how we're fairing in the information protection game?

Comments  (0)


What to do When Traditional Security Isn’t Enough

June 25, 2013 Added by:Paul Lipman

Relying on traditional security measures to catch the bad guy in action or prevent being the victim of a breach doesn’t cut it in today’s threat landscape, and IT teams don’t have the time and resources to address each threat vector in isolation, nor should they have to.

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »