April 17, 2015 Added by:Kasey Cross
Encrypted network traffic improves confidentiality and message integrity, but it also puts organizations at risk. This is because hackers can leverage encryption to conceal their exploits from security devices that do not inspect SSL traffic. Attackers are wising up and taking advantage of this gap in corporate defenses.
April 02, 2015 Added by:Christopher Budd
Back in the early 1990s, AT&T capitalized on this with their “You Will” campaign, which outlined some of the things they said “you will” be able to do in the future. The bright future of technology is intriguing and exciting, but we must first take responsibility for our security and privacy as to avoid any downfalls.
February 23, 2015 Added by:Eduard Kovacs
Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.
January 19, 2015 Added by:Carson Sweet
Software-defined security changes the game for the CISO and their teams. Security can now move to being an enabler for enterprises that are taking advantage of the business value offered by cloud services and infrastructure, without sacrificing security or compliance.
January 07, 2015 Added by:Michael Leland
Your security team is getting alerts from internal sensors, threat intelligence from multiple sources, and potential indicators of attack or compromise from your SIEM. Relying on these human filters to decode, deduce, and decide what is relevant takes valuable time and can result in long delays between attack, detection, and containment.
November 04, 2013 Added by:Jochem Binst
The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.
October 09, 2013 Added by:Kyle Adams
Browsers have become extremely complex over the last few years, so does everyone fully understand everything a modern browser does? Of course everyone is familiar with the point and click, redirections, forms . . . normal Web stuff. What you might not know, is that your browser does a lot of things automatically without you asking it to.
July 31, 2013 Added by:InfosecIsland News
Austin-based Wisegate has released a report that provides top 10 tips from leading CISOs to help IT professionals manage security vendors.
July 11, 2013 Added by:Rafal Los
Enterprises face some interesting challenges as they grow. Once you scale to any real size, tasks that seemed simple become unmanageable and difficult, even confused. One of those tasks is vulnerability management, and while it may sound simple and trivial, I assure you it is, indeed, not.
July 10, 2013 Added by:InfosecIsland News
With APTs leveraging these weaknesses, it’s critical to have visibility and control of enterprise key and certificate inventories. Cyber criminals understand that the easy targets are those organizations that have little visibility into their threat surface and cannot respond quickly. We need to gain control over trust; we need to plug the gap related to key & certificate-based exploits. (Re...
March 19, 2013 Added by:Rafal Los
It's time to retire the "castle" analogy when it comes to talking about how real Information Security should behave. I still hear it used a lot, and if you walked around the show floor at RSA 2013 you noticed there is still a tremendous amount of focus and vendor push around 'keeping the bad guys out.'
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
January 29, 2013 Added by:Infosec Island
Researchers at Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015