Information Security

23712318a400454a2c049f165106d985

Windows XP End of Life: What Your Organization Can Expect

April 09, 2014 Added by:Scott Montgomery

Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.

Comments  (0)

Fafdf1720f4df1d41c6eacbd2429a06b

Remote Desktop’s Restricted Admin: Is the Cure Worse Than the Disease?

April 01, 2014 Added by:Tal Be'ery

One of the new security features in the latest Windows release (Windows 8.1) is the “Restricted Admin mode for Remote Desktop Connection”. This measure is meant to enhance Windows credential protection against attacks such as Pass-the-Hash and Pass-the-Ticket. However, it appears that cure might be worse than the disease as the new “Restricted Admin mode” opens a new attack surface for the...

Comments  (0)

37c1b0270687e8148e56508e805f8b8e

The Windows XP Rundown is Really About Security

March 18, 2014 Added by:Praveen Manohar

Now is an appropriate time to discuss the implications of the end of XP support and explore what the rundown is really all about: security.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

CrowdStrike Releases Global Threat Report: Tracked More Than 50 Threat Actor Groups in 2013

January 21, 2014 Added by:InfosecIsland News

CrowdStrike's Intelligence Team tracked more than 50 different threat actor groups believed to be behind the majority of sophisticated threats against enterprises in 2013.

Comments  (0)

9fb165a9b7dfef2a9f8ac7d69b22a42c

Vertical Password Guessing Attacks Part I

January 20, 2014 Added by:Vince Kornacki

In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Office 365 Vulnerability Allowed Unauthorized Administrator Access

January 19, 2014 Added by:Anthony M. Freed

Security researcher Alan Byrne has disclosed a Cross Site Scripting (XSS) vulnerability in Microsoft Office 365 that would allow an attacker to obtain administrator privileges and access to the Email and SharePoint content across the network, as well as the ability to make configuration changes.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Dealing With Unrealistic Security Expectations from the Executive Office

January 18, 2014 Added by:Tripwire Inc

So, your CEO keeps hassling you about a “real” plan for securing the company’s technology. You have a plan, telling him “we have done a, b, c and we are going to do d,e,f next month – if you don’t cut our budget.” But he keeps asking for a “real” plan, otherwise he will cut the budget...

Comments  (0)

52a995fead03e1d828980d4b3efd2719

What the Snowden Leaks Can Teach Us About Data Security

November 14, 2013 Added by:Cam Roberson

One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...

Comments  (0)

413b3c848ce6956827c9c877d400f18c

Plugging Java’s Holes - Is There a Practical Fix?

September 18, 2013 Added by:Scott Petry

Developers love Java. But its security problems have gotten out of hand. Is there a practical fix?

Comments  (0)

306708aaf995cf6a77d3083885b60907

Insider Steals Data of 2 Million Vodafone Germany Customers

September 12, 2013 Added by:Mike Lennon

Vodafone Germany said an attacker with insider knowledge had stolen the personal data of two million of its customers from a server located in Germany.

Comments  (0)

52a995fead03e1d828980d4b3efd2719

Today's Mobile Device Data Protection Must Go Beyond Encryption

August 21, 2013 Added by:Cam Roberson

Employers can be diligent in installing encryption protection software on the devices their employees use, but what happens if the password is compromised? Whenever the password is known, the laptop, smartphone or tablet is at no less security risk with encryption as it is without.

Comments  (0)

3a51104c66686fac95156c1a1d632bd4

If you Knew you Were Going to be Attacked, What Would you do Differently?

August 14, 2013 Added by:Bill Wheeler

Recent reports have found that cyberattacks against U.S. corporations are on the rise, along with an increase in international threats, especially from China, and emerging threats to small businesses. Today, it’s not a matter of if an organization will be the victim of a cyberattack, but when.

Comments  (0)

98180f2c2934cab169b73cb01b6d7587

Is Offensive Cyber Security Necessary?

August 01, 2013 Added by:Jon Stout

Cyber security war is like any other war- taking the offensive will improve your chances of success. Like any other war, the cyber security war requires proper planning for success and a total winning strategy. Half hearted measures will not be sufficient.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

CISOs Share Top 10 Tips for Managing IT Security Vendors

July 31, 2013 Added by:InfosecIsland News

Austin-based Wisegate has released a report that provides top 10 tips from leading CISOs to help IT professionals manage security vendors.

Comments  (0)

72462991dba2e16e1588d4af1293ae58

Why SQL Injection Still Plagues Us

July 23, 2013 Added by:Dan Kuykendall

Eliminating the risk of SQL injection is made complicated by a host of factors -- many of which are out of the developer and security teams’ control. If not addressed completely, web applications are still vulnerable. Let’s look at the problem from each team’s point of view.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Michael Santarcangelo on the Value Imperative Mindset in Security

July 12, 2013 Added by:Anthony M. Freed

To better understand how we as security professionals can hone our messaging across the organization and up the corporate food chain to elicit the responses we are seeking, we recently spoke at length with Michael Santarcangelo of Security Catalyst, widely recognized in the security field as an effective communicator and catalyst for change and improvement.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »