Vulns & Alerts
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
July 29, 2013 Added by:Vince Schiavone
Corporations looking to proactively protect the business against growing enterprise social risks are engaging advanced, strategic solutions to unveil and track a wide array of social threats. This delivers strategic intelligence for proactive response to effectively mitigate these threats, often before they explode into all out crises.
July 11, 2013 Added by:Rafal Los
Enterprises face some interesting challenges as they grow. Once you scale to any real size, tasks that seemed simple become unmanageable and difficult, even confused. One of those tasks is vulnerability management, and while it may sound simple and trivial, I assure you it is, indeed, not.
July 10, 2013 Added by:InfosecIsland News
With APTs leveraging these weaknesses, it’s critical to have visibility and control of enterprise key and certificate inventories. Cyber criminals understand that the easy targets are those organizations that have little visibility into their threat surface and cannot respond quickly. We need to gain control over trust; we need to plug the gap related to key & certificate-based exploits. (Re...
June 26, 2013 Added by:Mike Lennon
The Iowa Department of Human Services on Wednesday warned former patients at the Mental Health Institute in Independence and others, about a possible breach of their confidential information due to a lost backup tape.
June 20, 2013 Added by:Rafal Los
Private industry and corporations alike are talking about “hack-back.” It’s no secret I believe that “hack-back” is a bad idea, for many reasons.
June 17, 2013 Added by:DHANANJAY ROKDE
A generic definition of a crime would be an act that is in violation of the applicable laws.
June 12, 2013 Added by:Ian Tibble
The notion that VA tools really can be used to give a decent picture of vulnerability is still heavily embedded, and that notion in itself presents a serious vulnerability for businesses.
April 16, 2013 Added by:George Tubin
Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. An endpoint protection approach that provides both effectiveness and manageability must begin with an understanding of the attack vectors that require mitigation.
April 12, 2013 Added by:Mikko Jakonen
Well, before COTS (Commercial Off The Shelve) came popular in military and other organizations thinking their security, this could have been avoided. Nowadays, very difficult. Even in trailers. You still need only one computer making possible to interact with others – in many different NETs existing :)
April 05, 2013 Added by:Eric Byres
Applying patches is a critical part of good security. According to US-CERT, about 95% of all network intrusions could have been avoided by keeping systems up to date with appropriate patches. What I am against is patching as a knee-jerk reaction to security vulnerabilities. You can’t expect your control system to operate reliably if you don’t have a controlled process for patching.
April 03, 2013 Added by:Rohit Sethi
The March 24th public disclosure of a MongoDB zero-day vulnerability (CVE-2013-1892) has been raising eyebrows and initiating discussion among IT security and developers alike. Here’s why we think it stands out...
March 27, 2013 Added by:Infosec Island
A new malware targeting point-of-sale (POS) systems and ATMs has stolen payment card information from several US banks, researchers say. The author behind the malware appears to have links to a Russian cyber-crime gang.
March 20, 2013 Added by:Ian Tibble
The early days of deciding what to do with the risk will be slow and difficult and there might even be some feisty exchanges, but eventually, addressing the risk becomes a mature, documented process that almost melts into the background hum of the machinery of a business.
First Victims of the Stuxnet Worm Revealed... Zaid Zia on 11-21-2014
Attorney General Taps Federal Prosecutors fo... Zaid Zia on 11-21-2014
Is There a Business Case in Planning for Da... Zaid Zia on 11-21-2014