Time to Say Goodbye to Admin Privileges

May 14, 2014 Added by:Andrew Avanessian

The most resilient organizations will be those that map out specific security controls that will turn their anticipation of threats into a plan of action. Increasingly, businesses are identifying an emerging theme for preventing security vulnerabilities: restricting employees and IT administrators to standard user accounts and removing the dangers associated with IT admin privileges.

Comments  (1)


SecurityWeek Acquires Industrial Control System Cybersecurity Conference Series

April 28, 2014 Added by:InfosecIsland News

SecurityWeek announced that it has acquired the ICS Cybersecurity Conference series, the leading organizer of cybersecurity-focused events for the industrial control systems sector.

Comments  (0)


Windows XP End of Life: What Your Organization Can Expect

April 09, 2014 Added by:Scott Montgomery

Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.

Comments  (0)


A Wake-up Call to Ignoring Cyber Threats – PG&E Indicted on Criminal Charges

April 07, 2014 Added by:Joe Weiss

On April 1, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno natural gas pipeline rupture.

Comments  (0)


Remote Desktop’s Restricted Admin: Is the Cure Worse Than the Disease?

April 01, 2014 Added by:Tal Be'ery

One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...

Comments  (0)


The Windows XP Rundown is Really About Security

March 18, 2014 Added by:Praveen Manohar

Now is an appropriate time to discuss the implications of the end of XP support and explore what the rundown is really all about: security.

Comments  (0)


CrowdStrike Releases Global Threat Report: Tracked More Than 50 Threat Actor Groups in 2013

January 21, 2014 Added by:InfosecIsland News

CrowdStrike's Intelligence Team tracked more than 50 different threat actor groups believed to be behind the majority of sophisticated threats against enterprises in 2013.

Comments  (0)


Vertical Password Guessing Attacks Part I

January 20, 2014 Added by:Vince Kornacki

In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.

Comments  (0)


Office 365 Vulnerability Allowed Unauthorized Administrator Access

January 19, 2014 Added by:Anthony M. Freed

Security researcher Alan Byrne has disclosed a Cross Site Scripting (XSS) vulnerability in Microsoft Office 365 that would allow an attacker to obtain administrator privileges and access to the Email and SharePoint content across the network, as well as the ability to make configuration changes.

Comments  (0)


Dealing With Unrealistic Security Expectations from the Executive Office

January 18, 2014 Added by:Tripwire Inc

So, your CEO keeps hassling you about a “real” plan for securing the company’s technology. You have a plan, telling him “we have done a, b, c and we are going to do d,e,f next month – if you don’t cut our budget.” But he keeps asking for a “real” plan, otherwise he will cut the budget...

Comments  (0)


Are You Playing Security ‘Elf on the Shelf’?

December 23, 2013 Added by:Steve Lowing

While your end users may act like children from time to time, your security practices shouldn’t treat them like they are. Gain visibility and control before being placed on the naughty list.

Comments  (0)


Improving SCADA System Security (Part 1)

December 21, 2013 Added by:InfoSec Institute

Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.

Comments  (0)


What the Snowden Leaks Can Teach Us About Data Security

November 14, 2013 Added by:Cam Roberson

One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...

Comments  (0)


Industrial Control Industry Slow to Adopt Security Configuration Management: Survey

November 13, 2013 Added by:InfosecIsland News

Tripwire unveiled the results of a study comparing risk-based security management in the industrial sector to that of other industries.

Comments  (0)


DNP3 Vulnerabilities Part 1 of 2: NERC’s Electronic Security Perimeter is Swiss Cheese

November 07, 2013 Added by:Eric Byres

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.

Comments  (0)


Preparing for the Internet of Things: Integrating Strong Authentication in Daily Life

November 04, 2013 Added by:Jochem Binst

The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »