September 25, 2014 Added by:Wendy Nather
As many are explaining, one of the biggest problems with this #shellshock vulnerability is that it's in part of the Unix and Linux operating systems -- which means it's everywhere, particularly in things that were built decades ago and in things that were never meant to be updated.
September 22, 2014 Added by:Cyphort
After the first major success of POS malware breaching Target Corporation in November 2013 occurred, the number of POS device infections in the wild skyrocketed.
September 17, 2014 Added by:InfosecIsland News
Following a sold out event in 2013, the 2014 ICS Cyber Security Conference is expected to attract more than 250 professionals from around the world and again sell out. Attendees can register online and pay just $1895 for a full conference registration which includes 4 days AND workshops on Monday.
September 02, 2014 Added by:Tripwire Inc
We frequently work with customers who use patch management solutions and are missing patches. The reason? I don’t think anyone fully understands the Microsoft Patching process and the third-parties don’t always get it right either.
August 20, 2014 Added by:Tripwire Inc
In our third and final post of this series, Tripwire’s Vulnerability and Exposure Research Team (VERT) highlights four more unnecessary risks that often appear in even the most secure networks.
July 17, 2014 Added by:Neohapsis
Without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised.
July 07, 2014 Added by:Patrick Oliver Graf
Former NSA director Keith Alexander pointed out earlier this week that government networks are far from secure, as the NSA and the Department of Defense uncovered more than 1,500 pieces of malware on the U.S. government’s most secret networks.
July 02, 2014 Added by:Joe Weiss
The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.
June 11, 2014 Added by:Joe Weiss
The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them.
May 21, 2014 Added by:Joe Weiss
Stuxnet and Aurora utilized design features of the system or controllers to attack physical systems. Stuxnet and Aurora are not traditional network vulnerabilities and cannot be found or mitigated by using traditional IT security techniques.
Security on a Weak IT Foundation... Westley McDuffie on 09-30-2014
Hacker to Release Symantec's PCAnywhere Sour... Bri Bella on 09-30-2014
Today's Mobile Device Data Protection Must G... Anna Maria on 09-29-2014