May 14, 2014 Added by:Andrew Avanessian
The most resilient organizations will be those that map out specific security controls that will turn their anticipation of threats into a plan of action. Increasingly, businesses are identifying an emerging theme for preventing security vulnerabilities: restricting employees and IT administrators to standard user accounts and removing the dangers associated with IT admin privileges.
April 28, 2014 Added by:InfosecIsland News
SecurityWeek announced that it has acquired the ICS Cybersecurity Conference series, the leading organizer of cybersecurity-focused events for the industrial control systems sector.
April 09, 2014 Added by:Scott Montgomery
Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.
April 07, 2014 Added by:Joe Weiss
On April 1, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno natural gas pipeline rupture.
April 01, 2014 Added by:Tal Be'ery
One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...
January 21, 2014 Added by:InfosecIsland News
CrowdStrike's Intelligence Team tracked more than 50 different threat actor groups believed to be behind the majority of sophisticated threats against enterprises in 2013.
January 20, 2014 Added by:Vince Kornacki
In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.
January 19, 2014 Added by:Anthony M. Freed
Security researcher Alan Byrne has disclosed a Cross Site Scripting (XSS) vulnerability in Microsoft Office 365 that would allow an attacker to obtain administrator privileges and access to the Email and SharePoint content across the network, as well as the ability to make configuration changes.
January 18, 2014 Added by:Tripwire Inc
So, your CEO keeps hassling you about a “real” plan for securing the company’s technology. You have a plan, telling him “we have done a, b, c and we are going to do d,e,f next month – if you don’t cut our budget.” But he keeps asking for a “real” plan, otherwise he will cut the budget...
December 21, 2013 Added by:InfoSec Institute
Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
November 13, 2013 Added by:InfosecIsland News
Tripwire unveiled the results of a study comparing risk-based security management in the industrial sector to that of other industries.
November 07, 2013 Added by:Eric Byres
If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.
November 04, 2013 Added by:Jochem Binst
The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015