Infosec Island News
Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams
February 09, 2015 Added by:Thu Pham
If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.
January 05, 2015 Added by:Thu Pham
Every organization, regardless of size, is comprised of a variety of sensitive data - from HR and payroll handling medical, financial and personally identifiable employee data to your precious intellectual property. And each of these data types can be sold for a price on the black market, making them valuable to attackers financially as well as for blackmail purposes.
January 05, 2015 Added by:Paul Lipman
The emergence of smart, integrated, cloud-based security services will enable a transformation from an alert-centric to an intelligence-centric approach to security. This will vastly enhance the Chief Information Security Officer's (CISO’s) visibility and ultimately deliver substantial improvements in the robustness of the overall security posture.
December 05, 2014 Added by:Paul Lipman
The cloud has been widely hailed as the most disruptive force in modern business. Indeed, the world is in the midst of fundamentally profound transformations, enabled by the cloud, in the ways in which we access and interact with data and applications. Unfortunately, the security industry has not kept pace with these transformational trends, necessitating an equally profound change in the way we s...
December 03, 2014 Added by:Steve Durbin
Despite the undeniable corporate and consumer interest, the security and privacy implications of cloud and mobile connected devices are concerning many security professionals. Countless organizations are still playing catch up – Bring Your Own Device (BYOD) policies are only starting to be embedded, reviewed and updated. IT departments are overwhelmed with the amount of devices entering the workp...
November 25, 2014 Added by:InfosecIsland News
Kaspersky Lab's Global Research and Analysis Team has published its research on Regin - the first cyber-attack platform known to penetrate and monitor GSM networks in addition to other "standard" spying tasks.
November 05, 2014 Added by:Steve Durbin
Password-based authentication is easy and familiar for customers, and is initially inexpensive for organizations to deploy at scale. But, while password-based authentication may be appropriate in some instances, it is no longer suitable for the wide range of services where it is currently being used.
May 19, 2014 Added by:Dan Dieterle
For years China has turned to hacking to close the technology gap between them and other nations. Termed “cyber-espionage”, Chinese hackers targeted hi-tech US companies and stole confidential research and development data.
March 10, 2014 Added by:Electronic Frontier Foundation
We call upon the Human Rights Committee to note the 13 International Principles for the Application of Human Rights to Communications Surveillance... as a guidance for understanding a State Party’s compliance with Article 17 on the right to privacy.
January 30, 2014 Added by:Joe Franscella
The Security Blogger Network (SBN), the largest collection of information-security-focused blogs and podcasts in the world, has announced the SBN Social Security Awards 2014 finalists.
November 26, 2013 Added by:Danny Banks
Innovative enterprise security teams realize the importance of security event data and are changing the way they collect and store information for greater insight into the threat landscape.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
September 02, 2013 Added by:Pierluigi Paganini
Former LulzSec leader Sabu (Hector Xavier Monsegur) has been accused by the hacker Jeremy Hammond of having incited state-sponsored attacks for the U.S. Government.
August 08, 2013 Added by:Jon Stout
The existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
August 07, 2013 Added by:Jon Stout
The computing security model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, system event monitoring, VPNs, etc., is failing to detect and block the most advanced malware. That is serious enough. But what’s worse is that this traditional defense model is of little use in preventing what many experts feel is the greatest threat to cyber security: human e...