Information Security

Ffc4103a877b409fd8d6da8f854f617e

What We Know About Shellshock and Why the Bash Bug Matters

September 26, 2014 Added by:InfosecIsland News

Opinions vary wildly among experts as to the potential impact of the Shellshock vulnerability. What is known—and agreed upon—at this point, is that Shellshock is a very serious vulnerability because it allows remote code execution and gives the attacker full access to the system.

Comments  (0)

66b2dbdbe2e68ab8e51b5af3d6e360ae

Collective Self-defense: What Japan’s New Defense Policy Means for International Cooperation on Cyber Security

September 04, 2014 Added by:Mihoko Matsubara

Joint exercises are key to making joint operations seamless and increasing the capability of cyber defenses. The Japanese and US governments have committed themselves to revise the US–Japan Defense Cooperation Guidelines by the end of this year and to include bilateral cooperation on cyber security in the revision.

Comments  (0)

306708aaf995cf6a77d3083885b60907

Hackers Exploited Heartbleed Bug to Steal Patient Data from Community Health Systems

August 19, 2014 Added by:Mike Lennon

TrustedSec, citing sources familiar with the incident, said on Tuesday that the initial attack vector was through the infamous “Heartbleed” vulnerability in OpenSSL which provided the attackers a way in, eventually resulting in the compromise of patient data.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

Security and the Internet of Things

July 24, 2014 Added by:Steve Durbin

The security threats of the Internet of Things (IoT) are broad and potentially devastating and organizations must ensure that technology for both consumers and companies adhere to high standards of safety and security.

Comments  (1)

Ffc4103a877b409fd8d6da8f854f617e

Webcast: Detecting and Preventing Advanced Persistent Threats

July 08, 2014 Added by:InfosecIsland News

Please join Palo Alto Networks and SecurityWeek on Wednesday, July 9th at 1:00 PM ET for an informative webcast on how your organization can better detect and prevent advanced cyber attacks.

Comments  (0)

C55430fdfdac11fc3771a9b94e2bb854

The Security Perimeter is Dead, Long Live the Security Perimeter

July 07, 2014 Added by:Dana Wolf

Forward-thinking companies that tend to be targeted by cyberattacks can no longer afford to play defense with their data assets. With no perimeter left to defend, they need to arm themselves with tools to fight the next battle, not the last one.

Comments  (0)

306708aaf995cf6a77d3083885b60907

Last Chance to Register for Suits and Spooks New York

June 18, 2014 Added by:Mike Lennon

Suits and Spooks NYC will feature over 20 expert speakers in the areas of financial intelligence, special operations, information security, money laundering, and the protection of critical infrastructure.

Comments  (0)

Ec47f9657c90a6db70e5e4f1cd1f7a02

The Struggle to Secure the New IT

June 16, 2014 Added by:Gretchen Hellman

Securing the New IT can seem daunting. However, by broadening your skillsets and seeking to have impactful conversations with business executives on the importance of security strategies and investments, it doesn’t have to be.

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

An Interview with Johan Hybinette

June 16, 2014 Added by:Robb Reck

Johan has served as the CISO and CTO for Schryver Medical for the past five years, and has just accepted the opportunity to join Hosting.com, located just off I-25, in the old Gates Factory.

Comments  (0)

022aafe7eef823af1fa3931a5539ae49

What’s New in PCI DSS v3.0 for Penetration Testing?

May 20, 2014 Added by:Nima Dezhkam

As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.

Comments  (0)

D2b743b9ed2d7c357472fa8237d7adaf

Time to Say Goodbye to Admin Privileges

May 14, 2014 Added by:Andrew Avanessian

The most resilient organizations will be those that map out specific security controls that will turn their anticipation of threats into a plan of action. Increasingly, businesses are identifying an emerging theme for preventing security vulnerabilities: restricting employees and IT administrators to standard user accounts and removing the dangers associated with IT admin privileges.

Comments  (1)

23712318a400454a2c049f165106d985

Windows XP End of Life: What Your Organization Can Expect

April 09, 2014 Added by:Scott Montgomery

Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.

Comments  (0)

Fafdf1720f4df1d41c6eacbd2429a06b

Remote Desktop’s Restricted Admin: Is the Cure Worse Than the Disease?

April 01, 2014 Added by:Tal Be'ery

One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...

Comments  (0)

37c1b0270687e8148e56508e805f8b8e

The Windows XP Rundown is Really About Security

March 18, 2014 Added by:Praveen Manohar

Now is an appropriate time to discuss the implications of the end of XP support and explore what the rundown is really all about: security.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

CrowdStrike Releases Global Threat Report: Tracked More Than 50 Threat Actor Groups in 2013

January 21, 2014 Added by:InfosecIsland News

CrowdStrike's Intelligence Team tracked more than 50 different threat actor groups believed to be behind the majority of sophisticated threats against enterprises in 2013.

Comments  (0)

9fb165a9b7dfef2a9f8ac7d69b22a42c

Vertical Password Guessing Attacks Part I

January 20, 2014 Added by:Vince Kornacki

In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »