Items Tagged with "Attacks"


US Critical Infrastructures are Being Targeted by Actors in the Middle East – But Attribution is Difficult

November 19, 2015 Added by:Joe Weiss

The availability of ICS cyber exploits, and the lack of attribution, there should be more concern about the very viable cyber threat to our critical infrastructures.

Comments  (0)


Is DDoS Mitigation as-a-Service Becoming a Defacto Offering for Providers?

November 11, 2015 Added by:Stefan Fouant

In my daily engagements with various customers of all shapes and sizes, it’s truly interesting to see how the approach to DDoS mitigation is changing. Much of this is the result of DDoS mitigation services shifting from a “nice to have” technology to a “must-have”, essential in order to maintain business continuity and availability.

Comments  (0)


Challenges and Solutions of Threat and Vulnerability Sharing in 2015

June 29, 2015 Added by:Shawn Masters

Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection

Comments  (0)


Webcast: How Gaps In SSH Security Create an Open Door for Attackers

October 27, 2014 Added by:InfosecIsland News

Please join us on Thursday, Oct. 30th at 1PM ET for a special webcast on how Gaps In SSH Security Create an Open Door for Attackers.

Comments  (0)


Remote Desktop’s Restricted Admin: Is the Cure Worse Than the Disease?

April 01, 2014 Added by:Tal Be'ery

One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...

Comments  (0)


Smart Card Logon: The Good, the Bad and the Ugly

March 10, 2014 Added by:Tal Be'ery

Organizations may find themselves in a “PCI’s Catch 22″ situation: Implementing PCI’s recommended Smart Card Logon for Windows may be in breach of another PCI requirement: to change passwords on a regular basis.

Comments  (2)


Vertical Password Guessing Attacks Part I

January 20, 2014 Added by:Vince Kornacki

In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.

Comments  (0)


How Can you Expose Targeted Attacks and Combat APTs?

October 10, 2013 Added by:Michelle Drolet

Cybercriminals are employing more sophisticated techniques all the time and far too many companies and organizations still don’t have the protection they really need to safeguard their systems. The prevalence of targeted attacks and advanced persistent threats (APTs) is disturbing.

Comments  (0)


Why SQL Injection Still Plagues Us

July 23, 2013 Added by:Dan Kuykendall

Eliminating the risk of SQL injection is made complicated by a host of factors -- many of which are out of the developer and security teams’ control. If not addressed completely, web applications are still vulnerable. Let’s look at the problem from each team’s point of view.

Comments  (0)


The Emperor Is Naked!

May 09, 2013 Added by:Krypt3ia

Last week a report came out on Wired about how the ACE (Army Corps of Engineers) database was hacked by China and "sensitive" dam data was taken.. By China, let that sink in for a bit as there was no real attribution data in the story

Comments  (1)


Opinion: Recent ISACA Study Adds Fuel to the APT Fire

February 18, 2013 Added by:Steve Ragan

Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these...

Comments  (0)


New attacks against banking, cyber Jihad or cyber warfare acts?

December 22, 2012 Added by:Pierluigi Paganini

The banking world must be prepared, it is one of the sectors that will be subject to a major number of attacks in next year, they are considered privileged targets for hacktivists, state sponsored hackers and cyber criminals...

Comments  (1)


Do Better Technical Controls Increase People Focused Attacks?

December 16, 2012 Added by:Simon Moffatt

Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...

Comments  (0)


Who Needs Words for Wars?

December 09, 2012 Added by:Jayson Wylie

This article holds little validity in my mind and I’m sure that runs up the chain of the Government to President Obama who is the only one, at this time, that seems to be able to have a majority consensus for a direction or secret directives for Cyberspace activities, rules and laws...

Comments  (0)


Japan Aerospace Exploration Agency hit again by malware

December 03, 2012 Added by:Pierluigi Paganini

The New Your Times has recently published the news the Japan Aerospace Exploration Agency was hit by a virus that stolen secret information on newest rockets from an internal computer...

Comments  (0)


Controversial Active Cyber Defense

December 01, 2012 Added by:Jarno Limnéll

Increasingly, both the armed forces and businesses are practicing the concept of “active defense,” a military term that refers to efforts to thwart an attack by attacking the attackers. However popular it has become, active defense is an alarming trend...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »