Vulns & Alerts
August 23, 2016 Added by:Mike Paquette
Not all security analytics solutions are created equal. There are five key characteristics critically important to ensuring that your security analytics are effective and capable of stopping today’s advanced threats.
August 18, 2016 Added by:Michael Patterson
Attackers are going to get in and you will be required to perform incident response. The first thing the security team will ask for is the logs. Make sure logs are backed up to a 2nd system or 3rd system and make sure a UDP forwarder is relaying the messages.
August 18, 2016 Added by:Scott Gordon
Next generation F-DRM solutions offer an effective and flexible technical control that can be applied today to reduce file data leakage risks across different infrastructure, collaboration methods, user types and business requirements.
August 11, 2016 Added by:Alexander Polyakov
SAP has released the monthly critical patch update for August 2016. This patch update closes 30 vulnerabilities in SAP products including 26 SAP Security Patch Day Notes and 4 Support Package Notes.
August 11, 2016 Added by:Karl Sigler
Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.
July 06, 2016 Added by:Mike Paquette
By augmenting their efforts with behavioral analytics and machine learning, teams can be sure they reduce alert noise and fatigue while quickly identifying and addressing the issues that actually matter before they hurt their customers or the bottom line.
June 28, 2016 Added by:Nick Bilogorskiy
In the age of stolen passwords, compromised credentials are the easiest way in, simpler than phishing, malware or exploits. “Password confirmation” tools are now readily available to find reused passwords matching any website.
May 24, 2016 Added by:Brian Soldato
User Entity Behavior Analytics (UEBA) platforms are very promising. In the near future, expect to see user behavior analytics platforms integrate more directly with infrastructure and with automated response.
April 26, 2016 Added by:Jim Legg
While prevention of the initial breach is an important layer of an enterprise security strategy, perimeter-based threat protection alone is not sufficient to protect against today’s increasingly sophisticated and targeted external security threats.
April 22, 2016 Added by:Vanishree Rao
End-to-end encryption does not solve the problem, despite the common perception that it is the holy grail of instant-messaging security. It is necessary that service providers shift their attention toward non-traditional key-derivation mechanisms to close the loophole.
April 12, 2016 Added by:Amir Geri
The vulnerabilities found in Flash Player have forced Adobe to issue out security patches yet again. Whether the decision is to uninstall Flash entirely or ensure that all updates have been completed across the enterprise, the issue IT practitioners face is related to compliance.
April 01, 2016 Added by:Paul Morville
This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.
March 15, 2016 Added by:InfosecIsland News
Adobe’s Flash Player in 2015 was the dominant application in terms of vulnerabilities targeted by exploit kits (EKs), with 13 of the 17 new flaws added to these malicious programs pertaining to the web plugin.
March 15, 2016 Added by:Eyal Bek
Besides the usual precautions, encryption can put a huge dent in the problem by making stored information unintelligible to intruders. Self-encrypting drives further help by minimizing the performance impact by offloading encryption to specialized hardware and taking humans out of the picture.
March 14, 2016 Added by:Mark Parker
Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015