Blog Posts Tagged with "Mitigation"


Securing the Remedy Before the Breach

October 20, 2016 Added by:Eldar Tuvey

Businesses need to put strategic operations in place to ensure they can successfully move forward after a hack has taken place.

Comments  (0)


Bangladesh Bank: Why Aren't We Talking About Privileged Account Management?

April 26, 2016 Added by:Jim Legg

While prevention of the initial breach is an important layer of an enterprise security strategy, perimeter-based threat protection alone is not sufficient to protect against today’s increasingly sophisticated and targeted external security threats.

Comments  (0)


Denying the Deniers: Tackling DDoS Attacks

February 17, 2016 Added by:Avishai Wool

As DDoS continues to be used as a cyber-weapon against websites and online resources, organizations should ensure that they have a response plan in place that includes these mitigation techniques, to help deny attempted denial-of-service attacks.

Comments  (0)


Is DDoS Mitigation as-a-Service Becoming a Defacto Offering for Providers?

November 11, 2015 Added by:Stefan Fouant

In my daily engagements with various customers of all shapes and sizes, it’s truly interesting to see how the approach to DDoS mitigation is changing. Much of this is the result of DDoS mitigation services shifting from a “nice to have” technology to a “must-have”, essential in order to maintain business continuity and availability.

Comments  (0)


Are you meeting your perceived security obligations?

January 19, 2013 Added by:Tripwire Inc

Security professionals today identify lack of qualified talent and lack of organizational funding as a key problem to their daily job; which probably implies that they are doing what they can with what they have; which likely may not meet expectations...

Comments  (0)


Microsoft BlueHat: Five Questions with Katie Moussouris

September 12, 2012 Added by:Fergal Glynn

One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...

Comments  (0)


Terminal Services Attack Reductions Redux

September 10, 2012 Added by:Brent Huston

Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...

Comments  (1)


How Practical is a Disconnected Network?

September 10, 2012 Added by:Rafal Los

Air-gapped networks are difficult to maintain, and what happens when you have to transfer data from that air-gapped network to somewhere else. What if you have to install printer drivers or update your anti-virus signatures? Doesn't sound so easy to do now, does it?

Comments  (2)


Latest SAP Security News

August 29, 2012 Added by:Alexander Polyakov

The most interesting thing is that the SAP HostControl is exposed to the Internet by many companies. Speaking numbers, 10% of companies that use SAP worldwide expose the SAP HostControl service to the Internet. I think you can imagine what can be done to those companies if hackers exploited this hole...

Comments  (0)


A Packet of Risks and a Small Pot of Tea

July 29, 2012 Added by:Christopher Laing

Risks are just circumstances that if they occurred, would have some impact on the business. Naturally risks can potentially disrupt the business, but if identified, planned for, and effectively managed, risks can have a beneficial impact on the business. The key word here is managed...

Comments  (0)


ICS-CERT: OSIsoft Stack-Based Buffer Overflow Vulnerability

July 23, 2012 Added by:Infosec Island Admin

ICS-CERT has received a report from OSIsoft concerning a stack-based buffer overflow in the PI OPC DA Interface software that could cause the software to crash or allow a remote attacker to execute arbitrary code. This vulnerability was discovered during a software assessment requested by OSIsoft and funded by DHS...

Comments  (0)


On Failing Gracefully...

July 18, 2012 Added by:Neira Jones

You know the feeling: You think you have it all under control, you think you've engaged with the right people, you have buy in from those who matter, the right culture is in place, you're not struggling for investment and bang! You get hacked. Overwhelming sense of failure ensues. Where did it all go wrong?

Comments  (0)


Infosec: Is it Really OK to Say No?

July 16, 2012 Added by:Scott Thomas

Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...

Comments  (3)


ICS-CERT: Tridium Niagara Vulnerabilities

July 16, 2012 Added by:Infosec Island Admin

Researchers have notified ICS-CERT of a directory traversal and weak credential storage vulnerability with proof-of-concept exploit code for Tridium Niagara AX Framework software that is exploitable by downloading and decrypting the file containing the user credentials from the server...

Comments  (1)


Advanced Persistent Threats: Separating the Unicorns from Reality

July 14, 2012 Added by:Rafal Los

APT - Advanced Persistent Threat has been the nervous topic for a long time now in Information Security. While there is a metric ton of misinformation and confusion about what constitutes an Advanced Persistent Threat, the thrust seems to be that once you're a target, you're a victim...

Comments  (0)


Small Business Cyber Security: An Infographic

July 02, 2012 Added by:Fergal Glynn

Businesses often assume they are safe from cyber attacks because they are too small to be of interest to hackers, or mistakenly assume they have taken adequate measures to protect themselves. This infographic highlights the risks faced by small businesses and gives a few tips to help safeguard against attacks...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »