Breaches

6d117b57d55f63febe392e40a478011f

New Legislation on Threat Intelligence Sharing May Have a Chance

January 28, 2015 Added by:Anthony M. Freed

But the four cybersecurity legislation bills that were approved last month did not address all of the top concerns, namely the creation of an information-sharing platform that would enable better information exchange about cyber-based threats between the public and private sectors.

Comments  (6)

Af7244bb99debb4a1152fa49a993a05c

Google Says It’s Not Practical to Fix Flaws in Pre-KitKat Android

January 27, 2015 Added by:Eduard Kovacs

Researchers reported earlier this month that Google was no longer patching vulnerabilities affecting the WebView component in Android Jelly Bean (4.3) and prior.

Comments  (6)

Bd07d58f0d31d48d3764821d109bf165

The State of Obama Cybercare

January 26, 2015 Added by:Tripwire Inc

Over the past few years, we have seen cybersecurity move from the realm of IT into the boardroom and now onto the political stage. The reason for this is clear—the resiliency, security and safety of the Internet is critical to our economy and the progress of our society as a whole. It is our future.

Comments  (4)

B64e021126c832bb29ec9fa988155eaf

Bringing Metasploit Exploits to Life with PowerShell

January 26, 2015 Added by:Dan Dieterle

You have a remote shell to a Windows box in Metasploit, very cool, but what can you do?

Comments  (4)

201d6e4b7cd0350a1a9ef6e856e28341

Generation (Nuclear and Fossil) Cyber Incidents Continue to Occur and Nobody is Connecting the Dots

January 22, 2015 Added by:Joe Weiss

I have seen few attempts to provide guidance to end-users about common issues with control system cyber incidents that transcend industries and even national boundaries. The following was a result of a discussion with a relevant entity about a domestic fossil plant cyber incident and its commonality to several other plant cyber incidents.

Comments  (4)

201d6e4b7cd0350a1a9ef6e856e28341

The NERC CIP's Are Not Making the Grid More Secure or Reliable

January 20, 2015 Added by:Joe Weiss

The North American Electric Corporation (NERC) Critical Infrastructure Protection (CIP) cyber security standards were developed to increase the cyber security and reliability of the electric grid. Unfortunately, they are not doing either.

Comments  (2)

E595c1d49bf4a26f8e14ce59812af80e

The Risk Within: Could an Ex-Employee Be Responsible for the Sony Hack?

January 19, 2015 Added by:Patrick Oliver Graf

One month ago, we asked, “What network security lessons can we learn from the Sony attack?” Since then, new information has been slow to trickle out, save for the FBI’s mid-December statement that assigned responsibility to the North Korean government.

Comments  (2)

E313765e3bec84b2852c1c758f7244b6

How to Avoid Getting Phished

January 14, 2015 Added by:Brent Huston

It’s much easier for an attacker to “hack a human” than “hack a machine”. This is why complicated attacks against organizations often begin with the end user.

Comments  (2)

6ee5846e0a227db0333ff7c99ff61313

When You Are Overwhelmed With Alerts, it is Time to Automate.

January 07, 2015 Added by:Michael Leland

Your security team is getting alerts from internal sensors, threat intelligence from multiple sources, and potential indicators of attack or compromise from your SIEM. Relying on these human filters to decode, deduce, and decide what is relevant takes valuable time and can result in long delays between attack, detection, and containment.

Comments  (2)

F45df53d99605d46f5ae32b7bed9fe22

Does Your Valuable Data Belong to Hackers?

January 05, 2015 Added by:Thu Pham

Every organization, regardless of size, is comprised of a variety of sensitive data - from HR and payroll handling medical, financial and personally identifiable employee data to your precious intellectual property. And each of these data types can be sold for a price on the black market, making them valuable to attackers financially as well as for blackmail purposes.

Comments  (6)

6a71825dbf6d876764b845e0fd664e0b

Moving from Alert-Driven to Intelligence-Driven Security

January 05, 2015 Added by:Paul Lipman

The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. This will vastly enhance the Chief Information Security Officer's (CISO’s) visibility and ultimately deliver substantial improvements in the robustness of the overall security posture.

Comments  (1)

Ab28a67c637101abd994329b9bf494e8

Eat. Pray. Love. – Three Words that Comply with Sony’s Password Policy

January 01, 2015 Added by:Scott Garber

While evaluating the Sony hack and explosion of related press, our team discovered an eerie tie-in to the titles and taglines in Sony Pictures massive movie library, which might have been an early indicator of the inevitable breach.

Comments  (1)

Fc152e73692bc3c934d248f639d9e963

Forensic Examinations And Facts

December 23, 2014 Added by:PCI Guru

I am watching the news reports on the Sony breach and laughing at all of the “facts” that are being bandied about. I want to use the Sony breach as a teachable moment and explain that the “facts” may not be as factual as represented by the media, forensic examiners or even the FBI.

Comments  (1)

201d6e4b7cd0350a1a9ef6e856e28341

Aurora and DHS - a Misleading Response to a Significant Mistake

December 22, 2014 Added by:Joe Weiss

With all of the focus on cyber security one could expect that DHS is doing a credible job in helping to protect our country. Unfortunately, that may not be the case.

Comments  (1)

E595c1d49bf4a26f8e14ce59812af80e

What Network Security Lessons Can We Learn from the Sony Attack?

December 17, 2014 Added by:Patrick Oliver Graf

Hollywood is a place that can be driven mad by star-studded gossip, where the talk of the town is rarely private and where people are accustomed to their secrets not staying secret for very long. Yet, this state of play hasn’t made it any easier for the victims of last month's cyberattack against Sony, carried out by shadowy assailants calling themselves the Guardians of Peace.

Comments  (15)

03b2ceb73723f8b53cd533e4fba898ee

Grinch Bug Could be Worse Than Shellshock, Says Experts

December 17, 2014 Added by:Pierluigi Paganini

The flaw resides in the authorization system in Linux which allows privilege escalation through the wheel.

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »