December 15, 2011 Added by:Kelly Colgan
Identifying threats is an offensive tactic. It’s a close monitoring of the system at hand and the cyber news media. It’s easier to be protective when you understand what kinds of hackers, criminal, or nation states are after your system’s data. Know how to handle toxic data...
December 15, 2011 Added by:Security BSides
Bummed out after Snowmageddon? Want a nice hot (at least warmer) change of scenery? Arizona is hosting its first ever BSides during one of the best times of year. We aim to provide the highest quality talks, hands on training and workshops. We also have cactus...
December 15, 2011 Added by:Mark Baldwin
December 14, 2011 Added by:Ed Moyle
Folks might object to sensitive data being stored in cleartext within Google Wallet - I sure do - but the problem isn't so much Google Wallet but instead the fact that mobile devices are blurring the lines between what's a payment application and what's not...
December 14, 2011 Added by:Malgorzata Skora
With multi-tier network architectures, web services, custom applications, and heterogeneous server platform environments, keeping data assets secure is more difficult than ever. Coupled with this complexity is the fact that criminal organizations have organized their hacking efforts...
December 14, 2011 Added by:Mike Meikle
Carefully crafted and monitored SLAs to keep vendors in check, mandating FIPS 140-2 certification of potential vendors and benefiting from vendor technology investments (economies of scale) can add significant weight to cloud solution providers being more secure than in-house solutions...
December 14, 2011 Added by:Dan Dieterle
"The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient..."
December 14, 2011
The first of a monthly webinar series on Industrial Control System (ICS) Cybersecurity is now available for review in this video. This session provides insight for those interested in ICS Cybersecurity including policy makers, asset owners, vendors, consultants and integrators....
December 13, 2011 Added by:Rafal Los
Getting back to basics is critical, and one of the most basic of basics is managing the rights to your data, your systems, and your critical operations. Let's take a critical, step-by-step look at how managing privileges can greatly decrease your likelihood of leaking data...
December 13, 2011 Added by:f8lerror
If an attacker compromises the DMZ, it is important to stop them there. Firewalls and segmentation is the key to this. Should a user have unlimited access to the internal network from a Citrix server or VPN? Or be able to connect to file shares, internal web applications, and databases?
December 13, 2011 Added by:Danny Lieberman
A client asked us to find a way to reduce risk exposure at the lowest cost. Using the Business Threat Modeling methodology and Practical Threat Analysis software, we were able to mitigate 80% of the total risk exposure in dollars at half the security budget proposed by the vendor....
December 13, 2011
Our society has become irreversibly dependent on Information and Communication Technologies (ICTs). Unfortunately, the adoption of them has been accompanied by the development of a new set of cyber threats which are developing in ever more rapid, sophisticated and sinister ways...
December 12, 2011 Added by:Rafal Los
It's important to understand what your company does and then figure out what the critical bits are. Sometimes it's your customer lists, or a secret ultra-high efficiency engine design, or the next big thing in stealth bombers. The point is that you simply need to know your business...
December 12, 2011 Added by:Andrew Weidenhamer
The one that I am most interested in seeing is the results of is the Risk Assessment SIG. Although IT Risk Assessments has been a term that has been used for decades now, they are still rarely performed and almost always poorly when they are in regard to effectively considering threats...
December 12, 2011 Added by:PCI Guru
Even if Square’s software encrypts the data, the underlying OS will also collect the data in cleartext. Forensic examinations of these devices have shown time and again that regardless of what the software vendor did, the data still existed in memory unencrypted...
December 12, 2011 Added by:Ben Kepes
Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...
Good Security Starts at Home... jlukeadan jlukeadan on 04-23-2014
Join Trend Micro & SecurityWeek in Belle... Barbara Daft on 04-23-2014
Mobile Security: Tips for Using Personal Dev... jlukeadan jlukeadan on 04-23-2014