Network Security

  • Most Topular Stories

  • Reversing the dropbox client on windows

    SecurityNewsPortal.com latest breaking computer security, anti virus and hacking news
    20 Aug 2014 | 2:12 am
    Reversing the dropbox client on windows
  • Q&A: DEF CON At 22

    Dark Reading:
    Kelly Jackson Higgins
    19 Aug 2014 | 3:01 pm
    DEF CON founder Jeff Moss, a.k.a. The Dark Tangent, reflects on DEF CON's evolution, the NSA fallout, and wider security awareness.
  • Spam industry reinvented as messages containing malicious links surge

    Techworld.com security
    19 Aug 2014 | 5:55 am
    Spam might no longer be the gigantic overhead it once was but the number of unsolicited messages containing malicious links appears to be surging, according to figures from SaaS security firm ProofPoint.
  • 31C3 31. Chaos Communication Congress

    SecurityNewsPortal.com latest breaking computer security, anti virus and hacking news
    20 Aug 2014 | 2:12 am
    31C3 31. Chaos Communication Congress
  • A VPN’s Crucial Role in Securing the Hub

    AT&T Networking Exchange Blog » Security
    Russ Banham
    11 Aug 2014 | 3:45 am
    As organizations leverage ways to connect the enterprise with wide-ranging internal and external sources of key business data, a VPN is seen as a necessary security component–the armed guard protecting this trove of enterprise insight. Companies are just beginning to create the technology infrastructure that permits real-time access and analysis of wide-ranging performance data to enable more insightful business decisions. One scenario calls for employees at the edges of the enterprise—individuals “touching” customers, suppliers, banks, and other partners—to be given mobile…
 

    Network Security Blog

  • A swarm of cars

    netsecpodcast@mckeay.net (Martin McKeay)
    20 Aug 2014 | 12:10 am
    It’s a given that we will have ‘intelligence’ in our cars within the next decade.  Quite frankly, there’s no way it is avoidable, given the appetite of consumers for all things to be connected to the Internet and to each other.  In the case of cars, it actually makes sense for them to be talking to each other.  But there’s one question: what will the unintended consequences be? Earlier this week the National Highway Traffic Safety Administration (NHTSA) revealed plans to implement vehicle to vehicle (V2V) communication technology that allows one car to…
  • Con flu, con crud and conxhaustion

    netsecpodcast@mckeay.net (Martin McKeay)
    17 Aug 2014 | 11:19 pm
    I want to create a new word, ‘conxhaustion’.  That feeling you have halfway through the conference where you’ve been living on 3 hours of sleep a night and realize you have days more to go before you’ll sleep normally again.  I love going to the conferences in Las Vegas every summer: Black Hat, Defcon and BSides.  But I hate Vegas itself and I hate it even more now that I have to travel from London to get there.  It was bad enough when I got half way through the week and was exhausted because of lack of sleep when I was in the same time zone. When you throw an…
  • Last Hacker Standing, Episode IV – The Last Hope

    netsecpodcast@mckeay.net (Martin McKeay)
    3 Aug 2014 | 10:26 pm
    Well, I told you I couldn’t go that long without recording a podcast.  And a couple of weeks ago I got together with my friends Chris John Riley and Dave Lewis and started a new project, Last Hacker Standing.  In the inaugural podcast, we talk news (straight up, with a twist), alongside our wonderful guest Katie Moussouris from Hacker One.  I’m going to try to have fun with this one, not taking it too seriously.  Not that I ever took the Network Security Podcast all that seriously, of course.  Our format is going to be a podcast twice a month, with a guest who will join…
  • Russia says “Hand over your code.”

    netsecpodcast@mckeay.net (Martin McKeay)
    30 Jul 2014 | 11:09 pm
    Well, this should be interesting.  The Russian Communications Minister suggested, rather strongly, that Apple and SAP share their source code with the Russian government so that it could be reviewed to make sure it wasn’t being used to spy on Russian citizens.  Yes, Russia is playing the privacy card to sneak a peek at the crown jewels of two of the biggest high tech companies in the world.  Who says Russian politicians don’t have a sense of humor? On the surface, the request for source code review in order to protect the privacy of Russian citizens from US spying has some…
  • You’ve been reported … by an ad

    netsecpodcast@mckeay.net (Martin McKeay)
    29 Jul 2014 | 10:39 pm
    This looks like an interesting experiment; the City of London police have started placing ads on sites for pirated music warning that the visit to the site has been recorded and reported.  Called “Operation Creative”, this is an effort by the Police Intellectual Property Crime Unit (PIPCU) to educate people visiting sites that offer pirated music and videos that it’s illegal and could result in prosecution.  As if anyone who visits a pirate site didn’t already know exactly what they were doing and what the potential consequences are.  The City of London police call…
 
 

    Network Security Podcast

  • Last Hacker Standing, Episode IV – The Last Hope

    martin
    17 Aug 2014 | 3:43 am
    Sorry if this is a repeat for you, I’m putting it in the NetSec Podcast page as well. Well, I told you I couldn’t go that long without recording a podcast.  And a couple of weeks ago I got together with my friends Chris John Riley and Dave Lewis and started a new project, Last Hacker Standing.  In the inaugural podcast, we talk news (straight up, with a twist), alongside our wonderful guest Katie Moussouris from Hacker One.  I’m going to try to have fun with this one, not taking it too seriously.  Not that I ever took the Network Security Podcast all that seriously,…
  • Network Security Podcast, Episode 332

    martin
    18 Jun 2014 | 1:39 am
    We’d suspected this day would come for quite some time, but it’s time to make it official: The Network Security Podcast will no longer be a regular, weekly podcast, Rich Mogull and Zach Lanier will not be a consistent part of the podcast. The podcast will continue in some form, but it’ll be Martin doing any of the publishing.  Which isn’t really all that big of a change anyway. Basically, all three of us have become incredibly busy in the last year.  Zach has a wedding to plan, a new job and has moved again.  Rich has more business and work than any time in living…
  • Network Security Podcast, Episode 331

    martin
    6 May 2014 | 2:29 pm
    It’s been a while since we could last record a podcast, but at least we were able to get Rich and Martin together this week.  Zach was supposed to join us as well, but got called away to fight a fire at the last minute.  Such is life sometimes.  But we got this episode recorded, so let’s celebrate the small victories.  We don’t know when we’ll have the time for another one as most of the hosts are galavanting around the world and having fun. Network Security Podcast, Episode 331, May 6, 2014 Time:  38:05 Show Notes: Hospital hardware is easy to hack Denmark is a…
  • NSPMicrocast BSides London 2014

    martin
    6 Apr 2014 | 8:39 am
    This afternoon I had a chance to talk to two of the main organizers of one of the biggest security events of the year, BSides London.  Paul Batson and Thomas Fisher have been working tirelessly (or maybe tiredly) for months to bring together all of the disparate elements required to make a conference come together.  And it’s no mean feat when the people you’re working with are all volunteers and the money comes from sponsors, both of whom believe in your cause.  This year will be my first chance to go to BSides London (this is the fourth) and I’m really looking forward to…
  • Network Security Podcast, Episode 330

    quine
    31 Mar 2014 | 2:08 pm
    It only took 4+ weeks, but Martin and Zach are back on the air. Rich is back to his “(Inter)National Man of Mystery” routine, so he missed out on the somewhat lively discussion about drones, “secure” browsers, PCI, and, of course, the NSA. Network Security Podcast, Episode 330 Time: 37:27 Show Notes: WhiteHat Aviator Beta for Windows Obama’s move to relieve snooping fears This drone can steal what’s on your phone (see also: Snoopy and STALKER – Analyzing [Your] Wireless Data) Trustwave plans to fight “baseless allegations” over Target…
 

    Tenable Network Security Blog

  • Tenable Announces General Availability of Log Correlation Engine 4.4

    Aarij Khan
    12 Aug 2014 | 1:36 pm
    Tenable delivers update to SecurityCenter CV’s Log Correlation Engine, making it easier to integrate Continuous Monitoring in your IT infrastructure.
  • Tenable SecurityCenter Continuous View Sheds Light On Shadow IT Usage

    Aarij Khan
    7 Aug 2014 | 10:44 am
    Tenable’s SecurityCenter Continuous View makes it easy for companies to detect the use of cloud services and identify data stored in the cloud
  • Continuous Monitoring for the New IT Landscape

    Marcus J. Ranum
    6 Aug 2014 | 1:16 pm
    The landscape of IT security is changing and the rash of recent data breaches has targeted a fatal flaw in the way organizations have approached security over the last two decades. When it comes to security practices, organizations are going to have to adapt: older techniques simply won’t cut it anymore. Defensive technologies like firewalls, antivirus, patching systems and security event management have failed to prevent successful attacks because they are frequently not aligned with a unified security policy or business practice.
  • How Gaps in Pen Testing and Intrusion Detection Paved the Path to Continuous Monitoring

    Ron Gula
    5 Aug 2014 | 8:03 am
    Last week I had my annual physical, with the goal of checking the big things—heart, cholesterol, blood pressure. I also had an ache in my foot that had caused me some trouble running, but which I had largely ignored. My doctor recommended a foot x-ray. The diagnosis--a bone fracture. Had I kept running, the fracture would have worsened, I would have stopped exercise altogether, which undoubtedly would have hurt my ability to protect the big things—heart, cholesterol, blood pressure.
  • Tenable Integrates with Dell KACE Systems Management Solution

    Manish Patel
    30 Jul 2014 | 7:19 am
    Nessus and SecurityCenter now integrate with the Dell KACE K1000 Systems Management appliances to identify missing patches on vulnerable systems, detect unmanaged systems, and extend scanning to cover systems that previously could not be scanned.
 

    Spyware news

  • Got an email from Bank of America? It might be infected with Cryptowall virus!

    6 Aug 2014 | 5:25 am
    If you are interested in viruses, you must have heard about Cryptowall virus. This is a serious ransomware that has the ability to encrypt specific files and then display a warning message asking people to pay a ransom for their decryption. At the moment of writing, this virus has the ability to affect only those computers that […]
  • Tor warns its users about ‘relay early’ attack and says that they may have been unmasked

    31 Jul 2014 | 6:57 am
    Tor has always been loved by those who seek to hide their location, protect information about their browsing habits and fight for their anonymity. However, if you have been using this program from February 2014 to July 4, you should be concerned because it has been announced that Tor software was probably deanonymizing its users during […]
  • Security experts warn about reappearance of Delta Homes virus!

    31 Jul 2014 | 5:59 am
    Delta-homes.com, a search engine that was originally created for collecting revenue from advertising, has recently renewed its activity. According to the latest news, it has already hijacked thousands of devices in Russia, Turkey, Denmark, Poland and the U.S. Unfortunately, who exactly is responsible for this outbreak is still unknown. It is believed that it originates […]
  • Helpful tips on how to protect your smartphone/tablet

    2-spyware.com
    25 Jul 2014 | 4:55 am
    You have probably heard the term ‘Adware’. This term describes an advertising-supported software, which seeks to make a profit out of commercial advertisements. There is a small line between legitimate advertising, illegal advertising and annoying advertising. Nonetheless, the fact is that the majority of free programs and apps are supported by advertising. That is how […]
  • Different approach on internet security: ‘Project Zero’ by Google

    2-spyware.com
    18 Jul 2014 | 2:01 am
    It looks like Google is taking a new approach in order to make internet safer. Project Zero is an initiative that is heading in the right direction. To begin with, Google is recruiting elite security specialists and hackers in order to find various bugs, vulnerabilities, exploits and software flaws all over the web. According to one […]

    cissp CISSP training Certified Information Systems Security Professional

  • The Holistic CISSP CBT Tutorial for the BCP and DRP domain of the CBK

    Posted by boss
    8 Aug 2014 | 12:01 pm
    Dear members, The CCCure Learning Portal  is our new Learning Portal and it will eventually replace CCCure.org.   The CCCure.Org has lots of legacy, it has some spammer posting within articles, and it is due for retirement.   Over the next months we will migrate the relevant content of CCCure.Org to CCCure.Training.  So far I have developed 38 Hours of thorough Computer Based Tutorial and I will continue over the next week as well. You can visit the new site at:  The CCCure Learning Porta Good day to all, I have never read as many NIST standards, books, and…
  • The CCCure Holistic Computer Based Tutorials (CBT) for the CISSP Exam

    Posted by
    29 Jul 2014 | 3:57 am
    Good day to all, I am pleased to say that I have just uploaded Part 3 of my Telecommunication and Network Security CBT tutorial to our Learning portal at http://cccure.training/index.php a few minutes ago.   I am now working on the 4th and last portion and it should be ready soon. That's a total of 24 hours of tutorial developed by CCCure/Clement for the CISSP CBK alone. The tutorials are available to Gold and Silver members at: http://cccure.training//m/articles/browse/category/CISSP+Online+CBT The MP3 files were uploaded as well and you can download them to listen while mobile on…
  • Prevent Your Network Getting Hacked with a Free Acunetix Security Scan

    Posted by cdupuis
    18 Jun 2014 | 2:21 pm
    Acunetix Free Scan will identify network security issues including the feared Heartbleed to allow businesses to fix them in time London, UK - 17th June 2014 – The recent Heartbleed vulnerability has highlighted the urgent need for more network level security scanning. In view of this, Acunetix has announced that it will be offering 10,000 Free Network Security scans with Acunetix Online Vulnerability Scanner (OVS) in a bid to make it easier for businesses to take control of their network security. Acunetix Online Vulnerability Scanner is a hosted security scanner that will scan a…
  • Secure Coding and Advanced Android and IOS exploitation

    Posted by
    17 Jun 2014 | 8:03 am
    NotSoSecure Trainings Secure Coding for Web Developers What can you expect from this class? Covers latest industry standards such as OWASP Top 10 (2013). Insight into latest security vulnerabilities like the heartbleed bug. Thorough guidance on security best practices. References to real world analogy. Hands-on labs. Taught by the Industry's leading expert and Black Hat Trainer. Advanced Android and iOS Exploitation What can you expect from this class? Learn advanced techniques to audit mobile apps for security…
  • Very interesting and FREE security tools from Qualys

    Posted by
    4 Jun 2014 | 3:13 am
    Hi Clement, Hope you’re doing well. I wanted to let you know that we’ve announced a few new tools recently and thought you may be interested in testing them out. Specifically, we released: BrowserCheck –  For anyone, this will detect and help you correct security issues in your web browser. SSL Test – Allows your business to audit SSL implementations on your websites. BlindElephant – An open source web application fingerprinting engine that identifies application and plugin versions via static files. FreeScan – Tests the perimeter security of your…

    Schneier on Security

  • The Security of al Qaeda Encryption Software

    schneier
    19 Aug 2014 | 4:11 am
    The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures. NPR picked up the story a week later. Former NSA Chief Counsel Stewart Baker uses this as evidence that Snowden has harmed America. Glenn Greenwald calls this "CIA talking points" and shows that al Qaeda was using encryption well before Snowden. Both quote me heavily, Baker casting me as somehow disingenuous on this topic. Baker is conflating my stating of two cryptography truisms. The first is that cryptography is hard, and you're much…
  • US Air Force is Focusing on Cyber Deception

    schneier
    18 Aug 2014 | 12:08 pm
    The US Air Force is focusing on cyber deception next year: Background: Deception is a deliberate act to conceal activity on our networks, create uncertainty and confusion against the adversary's efforts to establish situational awareness and to influence and misdirect adversary perceptions and decision processes. Military deception is defined as "those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the…
  • QUANTUM Technology Sold by Cyberweapons Arms Manufacturers

    schneier
    18 Aug 2014 | 9:14 am
    Last October, I broke the story about the NSA's top secret program to inject packets into the Internet backbone: QUANTUM. Specifically, I wrote about how QUANTUMINSERT injects packets into existing Internet connections to redirect a user to an NSA web server codenamed FOXACID to infect the user's computer. Since then, we've learned a lot more about how QUANTUM works, and general details of many other QUANTUM programs. These techniques make use of the NSA's privileged position on the Internet backbone. It has TURMOIL computers directly monitoring the Internet infrastructure at providers in the…
  • NSA/GCHQ/CSEC Infecting Innocent Computers Worldwide

    schneier
    18 Aug 2014 | 3:45 am
    There's a new story on the c't magazin website about a 5-Eyes program to infect computers around the world for use as launching pads for attacks. These are not target computers; these are innocent third parties. The article actually talks about several government programs. HACIENDA is a GCHQ program to port-scan entire countries, looking for vulnerable computers to attack. According to the GCHQ slide from 2009, they've completed port scans of 27 different countries and are prepared to do more. The point of this is to create ORBs, or Operational Relay Boxes. Basically, these are computers that…
  • Friday Squid Blogging: Te Papa Museum Gets a Second Colossal Squid

    schneier
    15 Aug 2014 | 2:33 pm
    That's two more than I have. They're hoping it's a male. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
 

    Infosec Events

  • Week 33 In Review – 2014

    md
    18 Aug 2014 | 12:06 pm
    Events Related Def Con 22 DEFCON 22: The Con That Keeps on Giving – lunalindsey.com Luna Lindsey is redefining the conference experience. She had an amazing time this year, as always. But as a neophile, she craves new experiences. Def Con: the ‘Olympics of hacking’ – www.ft.com Welcome to Def Con, the Olympics of hacking, where for 21 years computer hackers have been gathering to compete, share their knowledge and, perhaps most of all, meet like-minded people in the real, offline world. A festival atmosphere fills the hallways as delegates greet old friends, addressing each other by…
  • Week 32 In Review – 2014

    md
    12 Aug 2014 | 12:50 pm
    Resources Introducing LiveDump.exe – crashdmp.wordpress.com Microsoft has added back the ability to dump physical memory to disk (in the form of a dump file) from user mode via NtSystemDebugControl. Sippy wrote a quick proof-of-concept tool and generated what appears to be a 250mb kernel bitmap dump. About the USB Descriptor Collection – usbdescriptors.com This site tries to build a collection of all the USB descriptors (extern) from all USB devices out there. This sounds like a tough goal and it is. Breaking Antivirus Software – twitter.com Jeremiah Grossman tweeted this SYScan360,…
  • Week 31 In Review – 2014

    md
    4 Aug 2014 | 8:23 am
    Resources REcon 2014 Videos – recon.cx REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. Here is the index of REcon 2014 videos. Watch and download the videos from here. RVAsec 2014 Videos – rvasec.com Miss a talk or even the entire conference? No problem! All of the speaker videos and presentations are linked here, or you can view the full Youtube playlist here! Mac OS X and iPhone sandbox escapes – googleprojectzero.blogspot.com The main reason for this particular blog post is to highlight Google project zero…
  • Information Security Events For August

    sheila
    31 Jul 2014 | 6:01 pm
    Here are information security events in North America this month:    Black Hat Las Vegas 2014 : August 2 to 7 in Las Vegas, NV, USA   DFRWS USA 2014 : August 3 to 6 in Denver, CO, USA   BSides Las Vegas 2014 : August 5 to 6 in Las Vegas, NV, USA   DEF CON 22 : August 7 to 10 in Las Vegas, NV, USA   EnergySec 2014 : August 18 to 22 in Austin, TX USA   TakeDownCon 2014 : August 18 to 19 in Huntsville, AL, USA   7th Workshop on Cyber Security Experimentation and Test (CSET 2014) : August 18 in San Diego, CA, USA   8th USENIX Workshop on Offensive…
  • Week 30 In Review – 2014

    md
    28 Jul 2014 | 4:01 pm
    Resources BSides Cleveland 2014 Videos – irongeek.com These are the videos from the Bsides Cleveland conference. You can watch and download the videos from here. Dispelling Confusion and Myths: iOS Proof-of-Concept – zdziarski.com A quick POC demonstrating how File Relay and other services can be abused to dump a significant amount of personal data from an iOS device wirelessly, and bypassing user backup encryption. iOS File Relay POC – youtube.com A quick POC demonstrating how File Relay and other services can be abused to dump a significant amount of personal data from an iOS…

    Security Catalyst

  • DtR Security Newscast: why CISOs get no respect, how many passwords?, and more

    Michael Santarcangelo
    12 Aug 2014 | 9:34 am
    Recording the Security Newscasts is a real blast. Hopefully that comes through when you listen in! I invite you to listen to the latest episode of the Down the Rabbithole (DtR) Security Newscast for August 11, 2014– with Raf Los (@Wh1t3Rabbit) and James Jardine (@JardineSoftware). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. More than a run-down of the news, it’s our unfiltered (but safe for work) discussion of top stories. We usually inject some passion and some divergent thinking to fuel your week. This…
  • Monday Motivation – the power of perspective

    Michael Santarcangelo
    11 Aug 2014 | 7:50 am
      Something to think about Perspective is essential. Similar to context, our perspectives change. Evident from the top of a tall building, where everything below looks like a model, and people the size of ants. Or gazing out at the vastness of the ocean. Sometimes our perspectives shift based on location. Other times experience does the trick. A key to success is to accept and embrace other perspectives. Location, experience, and the views of the people we serve, work with, and share our world with. Those perspectives give us depth. They inform decisions. They allow us to understand…
  • Monday Motivation – Be a Beginner Every Day

    Michael Santarcangelo
    4 Aug 2014 | 3:24 am
    Something to think about Sometimes we get so bogged down with reality that we stop seeing the possibilities. Lately I’ve learned to delight in the joy of our youngest when she spots a squirrel or bird in the back yard (it happens often). I love listening to the majestic and unfettered plans of her older siblings. They don’t see the bounds that many of us have placed on ourselves. Sometimes what holds us back is the way we see things. Our experience, our scars, or discomfort narrows the path until we see few options. This week, consider a reboot. In some small way — or…
  • Join our journey to teach children safely with Chromebooks and Google Apps

    Michael Santarcangelo
    1 Aug 2014 | 8:42 am
    Glancing up from the tablet on his lap, my son asks, “Daddy, what kind of computer did you have growing up?” I tried to explain the VIC-20. They loved the part about  how we hooked it up to the TV, used a cassette tape drive (have you tried explaining cassette tapes?), and had fun programming a dot with “flapping wings.” Times have changed. Technology has changed. Equally notable is our continued struggle to evolve with and determine the role the changes play in our lives. As a homeschooling parent, I’m now faced with the exciting integration of my professional and personal…
  • DtR Security Newscast: pin those certs, cyber insurance, gmail in the courts

    Michael Santarcangelo
    29 Jul 2014 | 8:12 am
    I invite you to listen to the latest episode of the Down the Rabbithole (DtR) Security Newscast for July 28, 2014 — with Raf Los (@Wh1t3Rabbit) and James Jardine (@JardineSoftware). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. More than a run-down of the news, it’s our unfiltered (but safe for work) discussion of top stories. We usually inject some passion and some divergent thinking to fuel your week. This episode has a cool energy and flow that I think makes for a good listen. Let me know if you agree.

    Dr Anton Chuvakin Blog PERSONAL Blog

  • Monthly Blog Round-Up – July 2014

    1 Aug 2014 | 8:10 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. My classic PCI…
  • Monthly Blog Round-Up – June 2014

    1 Jul 2014 | 8:15 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge.  Current emergence of open sources log search tools, BTW, does not break the logic of that post. “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth…
  • Monthly Blog Round-Up – May 2014

    2 Jun 2014 | 9:45 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list. “Why No Open…
  • Monthly Blog Round-Up – April 2014

    1 May 2014 | 7:55 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) My classic PCI DSS Log Review series is popular as well. The series of 18 posts cover a comprehensive log review approach, useful for building log review processes and procedures, whether regulatory or not. It is also described in more detail in our Log Management book.
  • Monthly Blog Round-Up – March 2014

    1 Apr 2014 | 7:07 am
    Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and…
 

    Security Blog

  • Weekly Intelligence Summary Lead Paragraph: 2014-08-15

    dkennedy
    19 Aug 2014 | 12:50 pm
    The InfoSec risk developments with the broadest impacts on Verizon Enterprise clients were security bulletins for widely deployed systems. Fortunately, mature patch management mitigates the risks related to the vulnerabilities enumerated in nine Microsoft bulletins, two Adobe bulletins, as well as security-related updates in new versions of Apple’s Safari and Google’s Chrome browsers.  Among the most interesting collections this week wasn’t a “this happened,” but rather an opinion piece, “this will happen” from KnowBe4’s blog: “Ransomware: The next 12 months.” Updates to…
  • It’s campaign season, and I don’t mean politics

    kevin.thompson
    13 Aug 2014 | 10:52 am
    It’s campaign season, and I don’t mean politics! After all, when you’re talking about advanced threats it’s always campaign season, right? Last week FireEye published a blog post about Operation Poisoned Hurricane, a targeted attack that made use of a poor DNS configuration at one organization to disguise attacks at other organizations. The article is a really interesting read, so I decided to code up the campaign for the VERIS Community Database. There are a couple interesting variables in VERIS which are helpful for modeling campaigns. The ‘secondary’…
  • Advanced Threat Detection – Adapting to Change

    Fawaz Rasheed
    11 Aug 2014 | 9:04 am
    There’s no shortage of inspiring quotes echoing timeless truths. Take for example Charles Darwin who once said, “It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is most adaptable to change.” Applying the essence of this truth to organizations defending against today’s risk landscape underscores a reality all too damning for those who aren’t able to keep up. The obfuscation of attacks has evolved while the more popular adopted approaches to identifying them don’t prove to be completely effective. The widening…
  • Weekly Intelligence Summary Lead Paragraph: 2014-08-08

    ssimpson
    8 Aug 2014 | 4:09 pm
    You know it’s the beginning of August when InfoSec headlines like “The World’s Most Hackable Cars” and “Security Researcher Claims He Can Hack Airplanes via Wi-Fi” start making the rounds on social media. Needless to say, Black Hat and Defcon 2014 are in full swing and so is the hype created by both events. Perhaps looking to capitalize on that hype, Alex Holden of Hold Security announced the discovery of a trove of 1.2 billion unique credentials harvested from over 400,000 websites. Aside from the number of records and the fact that a Russian group was in possession of them, the…
  • Weekly Intelligence Summary Lead Paragraph: 2014-08-01

    dkennedy
    8 Aug 2014 | 9:47 am
    Malware reports comprise the bulk of our collections of enterprise risk intelligence this week.  Kaspersky’s intel team was especially productive; they expanded our assessment of threat actor “Energetic Bear.”  They also reported a takedown of the Koler Android ransomware and the infrastructure behind it. And Kaspersky found a DoS-for-hire botnet in a cloud.  US-CERT, the US Secret Service and FS-ISAC reported the new POS malware “Backoff.” FireEye published an assessment of increasing PlugX RAT variants in APAC.  Confirming AirBus/Cassidian Cyber Security’s “Pitty Tiger”…

    symantec.com

  • Phishers serve up Paolo Bediones sex video, steal Facebook user logins

    Avdhoot Patil
    19 Aug 2014 | 4:33 pm
    Summary:  A fake Facebook website is behind a phishing campaign offering up the sex scandal video of Filipino TV host Paolo Bediones. Phishers are known for capitalizing on current events and using them in their phishing campaigns. Celebrity scandals are popular and Symantec recently observed a phishing attack on the Facebook platform that claimed to have the sex tape of well-known Filipino television host and news anchor Paolo Bediones. read more
  • Ebola fear used as bait, leads to malware infection

    Symantec Security Response
    15 Aug 2014 | 12:24 pm
    Summary:  Ebola news is bait for attackers to steal login credentials and install Trojan.Zbot, Trojan.Blueso, W32.Spyrat, and Backdoor.Breut malware. read more
  • Robin Williams goodbye video used as lure in social media scams

    Satnam Narang
    14 Aug 2014 | 2:32 pm
    Summary:  The video is not real, scammers are enticing users to download software and fill out surveys. Within 48 hours of the news surrounding the death of actor and comedian Robin Williams, scammers honed in on the public’s interest and grief. There is currently a scam campaign circulating on Facebook claiming to be a goodbye video recorded by the actor just before his death.   read more
  • Microsoft Patch Tuesday – August 2014

    himanshu_mehta
    12 Aug 2014 | 1:52 pm
    Summary:  This month the vendor is releasing nine bulletins covering a total of 37 vulnerabilities. Twenty-eight of this month's issues are rated Critical. Welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing nine bulletins covering a total of 37 vulnerabilities. Twenty-eight of this month's issues are rated Critical. As always, customers are advised to follow these security best practices: read more
  • Does malware still detect virtual machines?

    Candid Wueest
    12 Aug 2014 | 8:58 am
    Summary:  Virtual systems are not immune to malware, despite what some people may believe. read more
 

    Optimal Security

  • SC Magazine 2014 Malware Defenses Survey Results (part 3)

    Chris Merritt
    19 Aug 2014 | 11:58 am
    The report on the 2014 Malware Defenses survey conducted by SC Magazine is now out. Overall, it shows that organizations are starting to wake up to the risk of targeted (or APT) attacks – but they still have a ways to go on many fronts. In this last of three posts, we will close by looking at where respondents see their future – how vulnerable do they feel, what’s stopping them from addressing this, and what are they doing about it. In the first post, we delved into where their heads are at. In the second post, we examined how they’re dealing with targeted attacks now. So let’s…
  • Infosec Haiku

    Chris Merritt
    18 Aug 2014 | 1:24 pm
    Anata no joho sekyuritei konshu no haiku Beware Bad Patches. Not Common, But Best Practice Dictates: Test First Please.   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, I’ll send you a $20 Starbux card. Please DM me at infosec-haiku@lumension.com. Contest Rules: all rulings by the judge (me) are final, blah blah blah.
  • Supervalu Shoppers At Risk After Hackers Steal Credit Card Details – and other stores affected too

    Graham Cluley
    18 Aug 2014 | 11:25 am
    Customers who have used their credit cards at a US supermarket chain between June 22nd and July 17th 2014 are being warned to check their bank balances, after it was discovered that criminals had hacked their way into networks and potentially accessed shoppers’ private data. Supervalu has published a security advisory on its website, warning that cybercriminals broke into the part of its computer network that handles purchases made with payment cards at point-of-sales systems, and may have stolen information including the cardholders’ name, expiration date, account numbers.
  • Patching Best Practices Lessons Learned – Again?

    Chris Merritt
    14 Aug 2014 | 2:03 pm
    Automatic patching? Magic 8-Ball sez NO! Reports are surfacing that some of this month’s batch of Microsoft patches are causing problems. As I’ve said before, the folks in Redmond have gotten much better with their patches over the years, to where news of BSODs caused by a Microsoft patch is, well, news. Anyhow, here are the details as we know them now: The Outlook 2013 update (KB2881011) prevents some users from opening archive folders; Microsoft has posted an update recommending that users uninstall this update. The MS14-045 updates to kernel-mode drivers (covering KB2976897, KB2982791,…
  • SC Magazine 2014 Malware Defenses Survey Results (part 2)

    Chris Merritt
    14 Aug 2014 | 8:07 am
    The report on the 2014 Malware Defenses survey conducted by SC Magazine is now out. Overall, it shows that organizations are starting to wake up to the risk of targeted (or APT) attacks – but they still have a ways to go on many fronts. In this second of three posts, we will examine how respondents are dealing with targeted attacks now – what are the attack vectors, how are they protecting against targeted attacks, and how effective are these defenses. In the first post, we delved into where their heads are at. In the last post, we’ll close by looking at where they see their future.

    Naked Security - Sophos

  • 5 excuses for doing nothing about computer security!

    Paul Ducklin
    20 Aug 2014 | 4:54 am
    Here are five security excuses that we hear a lot, both from individuals and from small businesses. We've given you some advice to help you argue back that security really does matter...
  • Delaware passes law to give others access to our e-lives when we die

    Lisa Vaas
    20 Aug 2014 | 4:12 am
    It's the broadest law regarding digital assets of the deceased to be passed in the US, and internet companies and privacy advocates aren't too crazy about it. At the end of the day/your days, a will that addresses digital assets is still a smart move that can address all the issues.
  • Google plans YouTube clean-up, ready for kid customers

    Lisa Vaas
    20 Aug 2014 | 3:24 am
    The new services reportedly will include a dashboard for parents, a child-safe YouTube, and a new age requirement on Android gadgets. This might be a good thing. Can you imagine a YouTube that won't make you feel like you need a shower after a viewing session? Then this might be a bad thing. Helloooooo, micro-data-mining!
  • US Nuclear Regulatory Commission hacked 3 times in 3 years

    Lee Munson
    19 Aug 2014 | 11:36 am
    According to documents obtained under an open-records request, two of the hacks, perpetrated via phishing emails, are believed to have originated in foreign countries, while the source of the third remains unknown because incident logs have been destroyed. The report does not say when the attacks occurred, nor does it divulge what, if any, data was compromised.
  • US won't release Russian MP's son being held on PoS hacking charges

    Lisa Vaas
    19 Aug 2014 | 4:33 am
    A US federal court has refused to release Roman Seleznev, arrested in the Maldives under suspicion of rigging retail PoS systems to rip off credit card details. Prosecutors say he was caught with over 2 million stolen cards on his laptop and that he'd been searching the US federal court electronic filing system for charges against him.

    TRUSTe Blog

  • Webinar – EU Cookie Directive: Key Steps to Compliance

    lgradman
    14 Aug 2014 | 8:00 am
    With the EU “Cookie Sweep” quickly approaching, TRUSTe is helping businesses ensure compliance with the EU Cookie Directive with a 2-part webinar series titled EU Cookie Sweep: Are You Compliant? Earlier this week, TRUSTe and Promontory hosted part I of the series, EU Cookie Directive: Key Steps to Compliance. This session provided attendees with an … Continue reading »
  • Mobile Shopping Apps Lack Transparency in Data Collection Practices

    lgradman
    6 Aug 2014 | 11:18 am
    In today’s digital age, consumers have access to a whole new shopping experience at their finger tips via mobile apps. These apps provide obvious benefits to consumers, such as real-time price comparisons, alerts for deals from their favorite retailers, as well as easy checkout methods straight from swiping their phone at the counter. With 58% … Continue reading »
  • TRUSTe Named to 2014 OTA Email Integrity Honor Roll

    lgradman
    6 Aug 2014 | 6:30 am
    Today, the Online Trust Alliance (OTA) announced the results of its 2014 Email Integrity Audit report and TRUSTe was identified as one of the select few companies that provides adequate email security measures to help businesses protect their brands and consumers from receiving fraudulent email. Being named to the 2014 Honor Roll is a significant … Continue reading »
  • EU Regulatory Update: Dutch Cookie Rules Enforced

    lgradman
    5 Aug 2014 | 6:00 am
    By Saira Nayak, Director of Policy, TRUSTe The last few weeks have seen a renewed focus on the EU’s Cookie Laws with news that European Data Protection Authorities are introducing a “Cookies Sweep Day” initiative in September to review compliance with the EU Cookie Directive.  And in October, France’s CNIL will conduct cookie and website … Continue reading »
  • August Monthly Spotlight

    lgradman
    1 Aug 2014 | 10:30 am
    -         August 12 EU Cookie Sweep: Are You Compliant? Webinar You may have heard that European Data Protection Authorities will conduct a “Cookies Sweep” from September 15-19 to assess current compliance levels. The CNIL will then conduct further inspections in October using new powers, which came into effect earlier this year. With the potential of … Continue reading »

    SecurityWeek RSS Feed

  • Today's Biggest Security Gap? Identity.

    Travis Greene
    20 Aug 2014 | 5:57 am
    Identifying security gaps is a favorite pastime of security professionals. We lovingly spend time performing risk assessments, drafting and administering policies, implementing defensive technologies, and generally trying to figure out the angle of future attacks. read more
  • Malware Developers Port Linux DDoS Trojan to Windows

    Eduard Kovacs
    20 Aug 2014 | 5:40 am
    Researchers at Russia-based security company Doctor Web have noticed that a piece of malware designed to run on Linux computers has been ported by its creators to Windows. read more
  • Stealth Security Startup vArmour Secretly Raised $42 Million

    Mike Lennon
    20 Aug 2014 | 5:17 am
    It’s rare to hear about a startup that has been able to secure its Series A, B and C rounds while operating in stealth mode, but one Silicon Valley security startup has managed to raise a total of $42 million since it was founded in 2011, all without coming public and saying what they actually do. read more
  • Source Code of Android RAT Dendroid Leaked Online

    Eduard Kovacs
    20 Aug 2014 | 3:27 am
    The complete source code for the Android remote access Trojan (RAT) called Dendroid has been leaked online, which researchers have found contains several vulnerabilities. read more
  • Hospitals Increasingly Targets of Malicious Activity: Websense

    Brian Prince
    19 Aug 2014 | 3:56 pm
    When Community Health Systems revealed it had been breached, it joined a growing list of healthcare organizations and hospitals that have been hit by attackers. read more

    Free IT - Security Magazines and Downloads from alltop.tradepub.com

  • Mitigating Security Risks at the Network's Edge

    19 Aug 2014 | 12:00 am
    With locations that typically process credit cards, distributed enterprises are at a particularly high risk of suffering data breaches. This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
  • PCI 3.0 Compliance Guide

    19 Aug 2014 | 12:00 am
    Properly configure, monitor, and maintain your CradlePoint devices to meet the requirements of PCI-DSS 3.0. Enabling features of CradlePoint solutions include network segmentation (Ethernet ports, SSIDs and VLANs), stateful firewall, MAC/IP/URL filtering, authentication, encryption, event logging, event alerts, time synchronization, and configuration management from CradlePoint Enterprise Cloud Manager.
  • The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook

    18 Aug 2014 | 7:50 am
    The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions. The following kit contents will help you get the most out of your Information Security research: 10 Network Security Tools and Tests Everyone Should Use; Citrix NetScaler: A Powerful Defense against Denial of Service Attacks; PC Security Handbook - 2nd Edition; Magic Quadrant for Identity and Access Management as a Service.
  • Essential Security Trends, Predictions and Recommendations from Fortinet's FortiGuard Labs

    18 Aug 2014 | 12:00 am
    Join FortiGuard Labs', Senior Security Strategist, Richard Henderson as he discusses topics like: Which threat classes are on the rise, and which on the wane; The latest botnet/command & control channels to be sure are on your block list; Early indications of what and where Cybercriminals may focus on next. Richard provides additional color behind key findings from the midyear report as well as best practice recommendations to be sure are in place. Request now to hear directly from FortiGuard Labs.
  • Privileged Identity Management, Q1 2014

    15 Aug 2014 | 12:00 am
    This report evaluated nine vendors based on 18 key criteria, including current offering, strategy and market presence. Centrify Server Suite's results: Only solution to earn the highest possible score for its Active Directory bridge functionality. Tied for highest score in privileged session spawning, privileged session recording, and privilege escalation. Highest possible score for customer satisfaction. Disclaimer: The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical…
 

    IT-Security

  • Locking your Door is a Bad Analogy for PCI DSS Compliance and InfoSec

    Branden Williams
    19 Aug 2014 | 7:17 am
    Storytelling is a pastime that spans all of human existence. Famous stories like cultural parables or classics like Romeo & Juliet attempt to tackle complex or conflicting ideas and relate them to someone. We use it to pass information from place to place, to captivate audiences when delivering unexpected information (See TED talks), and to explain to a lay person why they should take some action. Pick a security standard or compliance initiative, and you will find hundreds of analogies that attempt to reduce their complexity to a tagline or short list of tasks. One in particular that is…
  • Consider the Hawthorne Effect for Big Data

    Branden Williams
    14 Aug 2014 | 7:25 am
    The Hawthorne Effect is a phenomenon coined to explain inconclusive results from a set of studies performed at Western Electric Company’s Hawthorne Works on worker productivity from the 1920s and 30s. Essentially, researchers were confused with the results from two specific parts of the study—illumination levels and worker break time variance—which improved only during the study. Workers knew they were being studied, so the Hawthorne Effect is used to describe positive results from research as influenced by the workers, not by the actual independent variables studied.
  • DtR Security Newscast: why CISOs get no respect, how many passwords?, and more

    Michael Santarcangelo
    12 Aug 2014 | 9:34 am
    Recording the Security Newscasts is a real blast. Hopefully that comes through when you listen in! I invite you to listen to the latest episode of the Down the Rabbithole (DtR) Security Newscast for August 11, 2014 – with Raf Los (@Wh1t3Rabbit) and James Jardine (@JardineSoftware). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. More than a run-down of the news, it’s our unfiltered (but safe for work) discussion of top stories. We usually inject some passion and some divergent thinking to fuel your…
  • Corporate Survival Tips for Young Professionals: The Roundup

    Branden Williams
    12 Aug 2014 | 6:51 am
    Starbucks : Birmingham : England : UK : Enjoy!, by uggboy Well, it’s been quite a journey over the last month or so! I hope that some of the things presented here are helpful. I’m happy if just one tip makes a change in your career! During my research for this series I found TONS of other bloggers who have posted information about some of these skills (many around politics and politically charged environments). I would encourage you to find more information on your own to further your skills. As a suggested starting place, check out this blog post by Jack Zenger and Joseph Folkman…
  • Monday Motivation – the power of perspective

    Michael Santarcangelo
    11 Aug 2014 | 7:50 am
      Something to think about Perspective is essential. Similar to context, our perspectives change. Evident from the top of a tall building, where everything below looks like a model, and people the size of ants. Or gazing out at the vastness of the ocean. Sometimes our perspectives shift based on location. Other times experience does the trick. A key to success is to accept and embrace other perspectives. Location, experience, and the views of the people we serve, work with, and share our world with. Those perspectives give us depth. They inform decisions. They allow us to understand…

    Infosec Communicator

  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: … Continue reading →
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation … Continue reading →
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. … Continue reading →
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this … Continue reading →
  • The Secure Communicator–upcoming webinar

    bwadmin
    17 Apr 2014 | 5:16 am
    Has the Heartbleed bug made you more aware of the challenges you face trying to protect confidential or private information online? I’ll address the impacts of Heartbleed and other threats to your security in “The Secure Communicator,” an STC Education … Continue reading →

    AT&T Networking Exchange Blog » Security

  • Is That DDoS Attack a Smokescreen for Something Worse?

    Sam Farraj
    20 Aug 2014 | 3:45 am
    Two new reports confirm that Distributed Denial-of-Service (DDoS) attacks are growing across virtually all types of business. They are often a deliberate distraction, hiding thefts of funds, data, and personal identity. According to a new report, over half of all companies reporting DDoS attacks on their web infrastructure also reported that customer data, money, or intellectual property had been stolen while the companies’ IT teams were focused on responding to the attacks. These conclusions reveal a heightened sophistication among the hackers initiating the DDoS activities. While some…
  • With Cyber Security: Prevention is Good, But Not Enough

    Andy Daudelin
    15 Aug 2014 | 3:45 am
    While locking the doors and windows of your home helps prevent thieves from entering, there is a good chance they will bypass these deterrents if they are motivated and equipped. The same is true when it comes to protecting your business from security threats. Cyber criminals are getting more determined and adept at finding vulnerable entry points. So, while it’s important to put up barriers to prevent them from accessing your environment, it’s prudent to assume breaches will happen. To be prepared, you need a robust monitoring system to quickly detect and respond to threats. The…
  • Cyber Attacks on Small and Medium Businesses: Are You the Next Target?

    Andy Daudelin
    13 Aug 2014 | 6:45 am
    Operating under the perception that larger companies are the primary prey, small- to medium-sized businesses (SMBs) have developed a false sense of comfort. But for data-hungry attackers, SMBs can be treasure troves of credit card data, social security numbers, names, and birth dates. Storing data or sending it across a network without the right security in place exposes it to the eyes and clutches of an attacker. Hackers often use this data as a stepping stone into attacks, such as phishing emails that contain personal information to entice users to click on links that download malware or…
  • A VPN’s Crucial Role in Securing the Hub

    Russ Banham
    11 Aug 2014 | 3:45 am
    As organizations leverage ways to connect the enterprise with wide-ranging internal and external sources of key business data, a VPN is seen as a necessary security component–the armed guard protecting this trove of enterprise insight. Companies are just beginning to create the technology infrastructure that permits real-time access and analysis of wide-ranging performance data to enable more insightful business decisions. One scenario calls for employees at the edges of the enterprise—individuals “touching” customers, suppliers, banks, and other partners—to be given mobile…
  • Weighing the Pros and Cons of a SaaS Solution

    Shelley OBrien
    28 Jul 2014 | 3:45 am
    Much like individuals who are questioning whether to rent or buy in a fluctuating real estate market, many organizations today are weighing similar options in a rapidly changing technology market. Does it make sense to buy, or to choose software-as-a-service (SaaS), a model that lets you pay a service fee for use of the product? The Pros In light of decreasing technology budgets, a per-seat subscription base price for software makes it easier to know and allocate costs for different departments or business units. Updates and upgrades are easier and faster, too. Instead of downloading and…

    Redspin Security Blog

  • OIG Finds NASA Web Application Security Lacking. Is it Time to Assess Yours?

    Dan Berger
    26 Jul 2014 | 5:24 am
    We may be able to send a man to the moon but we still have a long way to go before all of our web applications are sufficiently protected from hackers.
  • Why I Disagree With Google’s Founders About the Healthcare Market

    Dan Berger
    25 Jul 2014 | 5:08 am
    Google's founders, Sergey Brin and Larry Page, were recently asked at a conference if they could imagine Google becoming a healthcare company. They both said "no" and explained their reasoning as follows. Brin felt the regulatory obstacles would "dissuade a lot of entrepreneurs" from entering the market and added "it's just a painful business to be in." Page gave an example of what he thought could be a useful medical research tool and said "that's almost impossible to do because of HIPAA." Well,…
  • The Risks of a HIPAA Security Risk Analysis

    Dan Berger
    8 Jul 2014 | 2:43 pm
    The risk of a HIPAA risk analysis is in not selecting the right team for the job.
  • BYOD Security – The Next Problem? Data Sprawl

    David Carlino
    20 May 2014 | 5:27 pm
    Submitted by David Carlino. Mobile devices are designed to store less data than traditional laptops and desktop workstations. Cloud-based storage continues to enable a steady migration away from local device storage. Due to local storage limits, mobile users are increasingly turning to a wide array of cloud storage options to maintain and access their data. This is very helpful when a device is lost or stolen but there are unintended consequences in complexity, security, and risk... Enabling…
  • Largest HIPAA Compliance Settlement – A Prescription for IT Security Health

    Dan Berger
    11 May 2014 | 8:36 am
    The key to Redspin’s rapid rise as the leader in HIPAA compliance for healthcare providers has been our unyielding focus on IT security. Last week’s news that OCR had reached a $4.8 million settlement agreement with New York-Presbyterian hospital and Columbia University Medical Center relating to HIPAA compliance violations further affirms our position. What started as an investigation of a 6,800 record ePHI breach became a multi-million dollar black-eye for those providers. At the source…
 

    F-Secure Antivirus Research Weblog

  • Data vs. Metadata

    20 Aug 2014 | 3:25 am
    Google uses HTTPS for all search queries. That's good, because it means that all of the questions you ask (a.k.a. your data) will be encrypted. However… regardless of HTTPS, inferences about your searches can still be made by somebody with access to your network traffic. For example: In the screenshot above, a popular "packet analyzer" displays DNS queries (a.k.a. metadata). We first connected our test device to google.com and performed a search — and then we clicked on the top search result link — and connected to aa.org. The deductive reasoning skills of Sherlock Holmes…
  • Trojan:W32/Lecpetex: Bitcoin miner spreading via FB messages

    20 Aug 2014 | 3:25 am
    In early March this year, while investigating various threats as part of our Facebook malware cleanup effort, we ran across an interesting one that was spreading in zipped files attached to messages. The messages themselves were classic social engineering bait that led the users to install the executable file in the attachment, which turned out to be a Bitcoin miner, which we identify as Trojan:W32/Lecpetex. Some of the more interesting details of our analysis are presented in our Lecpetex whitepaper. Facebook's own investigation into Lecpetex led to an operation to take down the botnet. More…
  • Ransomware Race (Part 4): Adult Content, Browlock's Staying Power

    20 Aug 2014 | 3:25 am
    Lately, our eyes have been caught by the rise of Ransomware families. It is very evident that the bad guys are constantly developing this type of malware family as seen in our previous posts about CryptoWall and CTB-Locker and Synolocker. In addition to these families, we have also been observing a rather simpler type of Ransomware, yet pretty active and very much alive since it was first encountered in 2013 - Browlock. Compared to other Ransomware families, Browlock does not encrypt the victim's files, and does not add nor run any files on the victim's machine. It only scares the user by…
  • Backdoor.Gates: Also Works for Windows

    20 Aug 2014 | 3:25 am
    We have received reports about a Linux malware known as Backdoor.Gates. Analysis showed that this malware has the following features: •   Collects information on the compromised system, such as OS version, hard disk size etc. •   Connects to a C&C server for further information. The server address and port are RSA-encrypted.  •   Can perform a host of different DDoS attacks:   •   TCP-SYN flood   •   UDP flood…
  • Testing the Xiaomi RedMi 1S - now with OTA update

    20 Aug 2014 | 3:25 am
    On August 10 Xiaomi addressed privacy concerns related to the MIUI Cloud Messaging function of its smartphones by releasing an OTA update intended to make this an opt-in feature, rather than a default one. Since we already had the phone set up, we downloaded and applied the update to the same Redmi 1S phone we used in the previous testing: Then we factory reset it. Once the phone restarted, we noted that cloud messaging is now by default set to Off under Settings: We then went through the following steps:   • Add a new contact   • Send and…

    Pcthreat.com

  • SunriseBrowse

    19 Aug 2014 | 6:59 pm
    Even though SunriseBrowse is meant to transform your web browsing, this application will transform nothing else but your outlook on virtual security and unreliable software. The misleadingly alluring program...
  • PC Optimizer Pro

    19 Aug 2014 | 6:59 pm
    Despite the best efforts of the online security industry to secure the exact opposite, many of its consumers continue to fall into the trap set by malicious rogue security tools like PC Optimizer Pro. This...
  • Qone8.com

    19 Aug 2014 | 6:59 pm
    Qone8.com is a search engine which returns search results from Google Search. The search engine is owned by Taiwan Shui Mu Chih Ching Technology Limited, and it is very similar to such browser hijackers as...
  • KingCoupon

    19 Aug 2014 | 6:59 pm
    If you have no clue how KingCoupon was installed on the PC, you have to consider illegal infiltration. Our malware researchers have not observed the application slithering in without authorization; however,...
  • V9 Redirect Virus

    19 Aug 2014 | 6:59 pm
    V9 Redirect Virus is a malicious browser hijacker which infects the system while you are browsing insecure websites or when you download spam email attachments. Once the infection gets in the system, the...
 

    VRT

  • The Windows 8.1 Kernel Patch Protection

    Andrea Allievi
    14 Aug 2014 | 12:22 pm
    In the last 3 months we have seen a lot of machines compromised by Uroburos (a kernel-mode rootkit that spreads in the wild and specifically targets Windows 7 64-bit). Curiosity led me to start analyzing the code for Kernel Patch Protection on Windows 8.1. We will take a glance at its current implementation on that operating system and find out why the Kernel Patch Protection modifications made by Uroburos on Windows 7 don’t work on the Windows 8.1 kernel. In this blog post, we will refer to the technology known as “Kernel Patch Protection” as “Patchguard”. Specifically, we will…
  • Microsoft Update Tuesday August 2014: Media Center and Internet Explorer

    Yves Younan, PhD
    12 Aug 2014 | 10:37 am
    Another Update Tuesday has arrived, this time bringing us a total of nine bulletins covering a total of 37 CVEs. Two bulletins are marked critical: one for Media Center and the other for Internet Explorer, while the rest are marked "important". MS14-043 covers Media Center and fixes a single use-after-free vulnerability (CVE-2014-4060). This vulnerability could allow remote code execution if a user opens a malicious Office file using Windows Media Center. It affects both Windows 7 and 8. The second critical bulletin is the IE bulletin (MS14-051), providing fixes for a total of 26 CVEs. As is…
  • Apple ID Harvesting, now this is a good phish.

    Joel Esler
    9 Jul 2014 | 8:07 am
    Phishing isn't new.  "So, why are you writing about it?", you ask. I received this one today and it was very well done, so I thought I'd write it up.  Chances are, you've seen these before: If you are familiar with Apple Verification emails, you'll notice the format is almost exactly what Apple uses.  You'll notice that there are hardly any grammar, punctuation or capitalization errors.  Usually, something as simple as the "Dear Customer" would give it away by the insertion of a space between the word "Customer" and ",".  Those of you that look at phish emails all day…
  • Microsoft Update Tuesday July 2014: light month, mostly Internet Explorer

    Yves Younan, PhD
    8 Jul 2014 | 10:15 am
    This month’s Microsoft Update Tuesday is relatively light compared to the major update of last month. We’re getting a total of six bulletins this month, two marked critical, three as important and finally one moderate. These six bulletins cover a total of 29 CVEs, most of which are, as is usual, in Internet Explorer. Let’s start off with the Internet Explorer bulletin, MS14-037. It covers a total of 24 CVEs, 23 of which are memory corruption vulnerabilities that could result in remote code execution vulnerabilities and most of those memory corruptions are the result of use-after-free…
  • Threat Spotlight: "A String of Paerls", Part 2, Deep Dive

    Joel Esler
    8 Jul 2014 | 7:00 am
    This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard. In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and dynamic analysis indicators. In this second part of the blog series we will cover the malicious documents and malicious executables. The Attachment (that your IT department would tell you not to…

    NSS Labs

  • Cyber Resilience – It’s Not the 98% You Catch That Matters, It’s the 2% You Miss!

    6 Aug 2014 | 12:00 am
    Where the goal of cyberprevention has been to reduce the probability of an attack against the organization, cyber resilience looks to reduce the impact of these attacks through cyber risk management. Assuming that a breach is likely, cyber resiliency of systems and networks is needed to ensure mission survivability in a cyber-compromised environment.
  • It’s Time to Expect More from Your Research

    23 Jul 2014 | 12:00 am
    As any enterprise research manager or IT buyer will attest, finding the right information – and at the right time – is difficult at best. Oftentimes, multiple sources are used to answer one particular question – and then additional tools must still be used to validate those initial sources. Market share data, product comparisons, product roadmap implications, and insights into vendor strategy are separate services, and enterprises must sign up for these different services and then aggregate the data themselves, which can be a formidable task. 
  • Data Privacy Concerns Go Mainstream

    15 Jul 2014 | 12:00 am
    While one might expect to hear about security, privacy, and compliance at the security-oriented RSA Conference in San Francisco, these are less likely to be headline topics at the annual consumer electronics show, Cebit, or the eclectic South by SouthWest (SXSW) event in Austin, TX. But this year, privacy and security were hot topics at Cebit and at SXSW.
  • Understanding Risk and Adjusting Premiums

    8 Jul 2014 | 12:00 am
    As the volume and value of customer and corporate data increases, attackers are more determined than ever. This data has value attached to it, which can be insured, much like any asset would be. However, it can be more difficult to assess the value of digital assets, and more importantly, it is much more difficult to assess the risk that the storage and use of digital assets represents to an organization. This uncertainty in risk transfers to the insurance carrier because of the difficulty in calculating.
  • Sharpen Your Machete and Prepare for the Jungle

    17 Jun 2014 | 12:00 am
    Looking back to the end of 2013 and reviewing 2014 thus far, any security professional would wonder if it is possible to navigate the security landscape successfully. Target announced a serious data breach late last year; Neiman Marcus announced its own breach at the start of this year; and eBay just recently announced a password breach issue. Add to this the same data security and privacy concerns that we had at the end of 2013, and security in 2014 is resembling a jungle, complete with hungry tigers, malaria, and poisonous spiders.

    Private WiFi

  • Mobile Threats: What You Need to Know About Mobile Payment Risks and Responsibilities

    Alok Kapur
    20 Aug 2014 | 1:20 am
    As we continue to rely on the precarious mix of mobile banking & payments, mobile apps, and public WiFi hotspots, it’s perhaps not such a surprise that online bank fraud is escalating. Quite a bit of this fraud is perpetrated by malicious apps that users inadvertently download on their mobile devices. App developers with malicious intent have become quite adept at concealing the surreptitious nature of these apps. According to security firm RiskIQ's study, the number of malicious apps on the Google Play store increased by 388 percent from 2011 to 2013. The firm says it considered an app…
  • 4.5 Million Risk ID Theft After Hospital Network Hacked

    Elaine Rigoli
    19 Aug 2014 | 1:40 am
    Community Health Systems, a company that operates 206 hospitals across the United States, has admitted that hackers recently broke into its computers and stole data on 4.5 million patients. It's believed that the hackers did not gain access to medical histories or credit card information -- but perhaps worse -- they were able to obtain names, Social Security numbers, addresses, and other information that could be used for identity theft. Tech publication ComputerWorld says "companies that suffer major data breaches almost always portray themselves as victims of cutting-edge malware and attack…
  • Russia’s Latest Privacy Outrage: All Public WiFi Users Must Identify Themselves

    Kent Lawson
    18 Aug 2014 | 8:46 am
    Want to log onto public WiFi in Russia? Well, according to a new law recently passed there, if you want to use public WiFi anywhere in the country, you must now provide information that completely obliterates any online privacy, apparently so Russian authorities can track everything you do online. This is undoubtedly an outrage, both in terms of Russian citizens’ personal freedom and the right to not be tracked by government authorities. And it’s not the only thing the Russian government is doing to curtail Internet freedom. The Scope of the Decree: There is some confusion whether or not…
  • Goodwill Data Breach: Even Charities Are Susceptible to Cyber Criminals

    Eva Velasquez
    15 Aug 2014 | 1:00 am
    While investigators are still working to determine the extent of a possible breach, it’s believed that Goodwill stores in as many as 21 states may have been hacked for the credit card data of consumers who’ve shopped at the thrift stores. Some signs have led investigators to believe these cybercrimes may have begun as early as May of 2012. While Goodwill Industries International has not commented on whether the news that first broke in early July is even true, a statement on the charity’s website does confirm that they were contacted by federal investigators about the possibility that…
  • WiFi to Get Faster and Overtake Wired Traffic by 2018

    Jared Howe
    12 Aug 2014 | 1:02 am
    The next generation of WiFi technology will be able to transmit over 7 Gbps (gigabytes per second) data speed, and by 2018, worldwide WiFi traffic will overtake wired traffic for the first time ever. This means that as fast as things move now in the digital world, they will begin to move even faster. 802.11ac and Beyond: 802.11 is the wireless networking protocol (you might know it by its common name of “WiFi”), which was developed starting in the 1990s. The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) is an organization that develops global standards…

    Pivot Point Security

  • Will Nonconformities Prevent My Firm from Achieving ISO 27001 Certification?

    John
    19 Aug 2014 | 4:00 am
    One of the most frequently misunderstood elements of the ISO 27001 certification process is the area of “findings” and/or nonconformities. One of our ISO 27001 Lead Implementers recently shared his observations on the types/levels of findings he has seen in his audits, which are worth passing along: N/A — Effectiveness of controls could not be measured at the time of the audit due to lack of information, timing, etc. Effective — The requirement is met. Observation — Notes on a benign, anomalous event; a non-mandatory recommendation. Opportunity for Improvement —…
  • Arnold Schwarzenegger, World Hunger, and The Internet of Things

    John
    5 Aug 2014 | 4:00 am
    There aren’t many benefits to having been in the game long enough to have proudly owned an iPAQ Pocket PC… except perhaps “perspective.” At least once a year there is a new technological development that creates an inordinate hubbub, and this is one place where perspective really helps. For example, web services have been evolutionary, not revolutionary. “The Cloud,” on the other hand, has truly been significant, but more so in a business context than a technological one. Now the fuss is about the “Internet of Things” (IoT). I have quickly grown weary of reading…
  • Charles Dickens, the Target Breach and Being a CISO

    John
    29 Jul 2014 | 4:00 am
    Major data breaches aren’t uncommon. Think TJX, Sony, Heartland Payment Systems, RSA, etc. The Target Corporation’s data breach was different. The breach itself was entirely unremarkable. It was the ramifications of the breach that were truly noteworthy, as the CEO of the company lost his job over it. If you’re a CISO, your CXO suite is suddenly keenly aware of your Information Security posture. No one likes to lose their job, especially one whose salary includes two commas. Being a CISO is one of the hardest roles in our industry.  Without the CXO suite’s commitment and…
  • Still Think You Don’t Need to Patch Internal Systems?

    Mike
    8 Jul 2014 | 4:00 am
    If Pivot Point Security’s clients are any indication, there are a lot of SMBs out there—even in highly vulnerable and heavily regulated verticals like banking—where patching internal systems is seen as a low priority and rarely happens. This is because “hackers would have to get on our network” to do any damage, so why bother? This attitude reflects a lack of understanding about the true risk associated with running outdated software. Unless you’re locking down access to internal systems using some pretty sophisticated technology, you’re highly vulnerable to rogue entities that…
  • The Rising Cost of ISO 27001 Certification

    John
    1 Jul 2014 | 4:00 am
    As ISO 27001 and related attestation standards have grown in importance and popularity, so too has the cost of getting ISO 27001 certified. In July 2012, I penned a blog post in which I estimated the cost of ISO 27001 certification at that time at $48,000. Based on a quick review of the ISO 27001 projects that Pivot Point Security has done over the last year, the average is now in the $80,000 range. That is a remarkable change in a very short period of time. Why has the cost of ISO 27001 certification gone up by about 60% in less than two years? As I see it, there are two primary reasons:…
 

    HOTforSecurity

  • Chrome web browser toughens up, blocking “deceptive” downloads

    Graham Cluley
    19 Aug 2014 | 11:24 pm
    Google’s Chrome web browser already warns users when it believes they are about to download software designed to infect their computer, or visit a website that appears to be malicious. But straightforward malware isn’t the only problem that internet surfers regularly stumble across on the net. Another commonly-encountered nuisance are the programs that can pretend to do something useful on your PC, but carry the unexpected baggage of changing your homepage or meddling with your browser settings to ones that you don’t want. The good news is that Google appears to realise just…
  • Anonymous Targets Ferguson, Missouri in #OpFerguson; DDoS Attack on Local PD Web Site

    Lucian Ciolacu
    19 Aug 2014 | 3:29 am
    The Anonymous hacktivist group has targeted the Ferguson, Missouri administration and police department web site in an operation dubbed #OpFerguson, according to an announcement on Pastebin. The #OpFerguson campaign started shortly after a police officer shot an unarmed black teenager in Ferguson, Missouri. At the same time, protests calling attention to racial discrimination grew and a curfew was enforced as the National Guard was called in to stop the movement. “St. Louis County Police tells NBC News they are under `some sort of…
  • Some Windows 7 PCs bricked by Microsoft after faulty Patch Tuesday update

    Graham Cluley
    18 Aug 2014 | 6:48 am
    Has your Windows computer been stuck in an endless Blue Screen of Death hell since last week? Chances are it may be connected to the Patch Tuesday updates that Microsoft issued last week. As ComputerWorld reports, a lengthy thread on Microsoft’s support forums reveals that many users have been hit by a so-called “Blue Screen of Death” (BSOD) 0x50 Stop error message. The dodgy update which appears to have caused the problem is MS14-045, a security update for the Windows kernel-mode drivers. Frustration amongst those hit by the problem grew towards the end of last week, as…
  • Albertson’s and SuperValu Retailers Breached; Credit Cards Exposed

    Lucian Ciolacu
    18 Aug 2014 | 6:17 am
    US retailers Albertson’s and SuperValu have had their payment networks breached by hackers, according to CNN Money. Both chains announced on Friday that the massive breach impacted their subsidiary stores as well. “SUPERVALU believes that the payment cards from which such cardholder data may have been stolen were used … at the 180 SUPERVALU stores and stand-alone liquor stores … operated under the Cub Foods, Farm Fresh, Hornbacher’s, Shop ’n Save and Shoppers Food & Pharmacy banners,” SuperValu said. “The intrusion may also have resulted in the theft of such…
  • Car Makers Urged to Sign Security Manifesto against Hacking

    Bianca Stanescu
    14 Aug 2014 | 7:56 am
    Automobile manufacturers could deter hackers from hijacking cars by following a five-principle manifesto, according to I Am The Cavalry, as quoted by The Register. The security pressure group wrote an open letter to car makers, urging them to increase their products’ security. “Modern vehicles are computers on wheels and are increasingly connected and controlled by software and embedded devices,” I am the Cavalry co-founder Josh Corman said. “New technology introduces new classes of accidents and adversaries that must be anticipated and addressed proactively,” he said. “Malicious…

    Data In Motion

  • 3 Ways to Maximize the Value of Your MFT Consultant

    Tom Scearce
    12 Aug 2014 | 8:30 am
    Experienced consultants can help you deliver an effective, comprehensive managed file transfer (MFT) implementation to IT, management, and users. But what level of expertise should your consultant offer? And what should MFT consulting services include? Here are three different ways to get the most value from your MFT consultant or consulting team: 1. Invest in a bundle. If your MFT solution provider bundles consulting services with software, take advantage. Why bundles? Because they can lower the price of…
  • The Public Cloud – Is it Safe for Enterprise Files?

    Tom Scearce
    31 Jul 2014 | 3:21 pm
    The enterprise file-sync-and-share (EFSS) market has been heating up for the past few years. There are now more than 120 vendors in this space and nearly all of them leverage the public cloud — infrastructure operated by 3rd parties – for storing files on behalf of enterprise users. The way many of these vendors market to enterprises is rather clever. In a nutshell, here’s how it works: Target tech-savvy consumers and mobile professionals with free, easy-to-use file sharing software. Give generous…
  • Preparing for an MFT Rollout

    Tom Scearce
    29 Jul 2014 | 8:30 am
    At enterprises, rolling out new technology often portends an extended period of adjustment. There are new procedures, new rules, and new software. Everything is new, and that’s good. But it’s also… confusing. Thankfully, it doesn’t have to be that way. In fact, pre-deployment should be anything but confusing. It should be productive. It should be … empowering. So, how should you prepare for an effective MFT rollout? Here’s a realistic blueprint for how things ought to unfold: Communication…
  • Integrating File Transfer Solutions with Applications and Directories

    Tom Scearce
    15 Jul 2014 | 8:30 am
    Integrating applications improves speed, efficiency, and business process innovation. And thanks to today’s interconnected, globalized workplace, the need for robust application integration holds more urgency than ever before. That being the case, it should come as no surprise that managed file transfer (MFT) technologies aren’t exempt from the application integration trend. In fact, an MFT solution’s ability to integrate with other business-critical applications is uniquely important since so many…
  • Antivirus, File Integrity, and Interrupted File Transfers – Oh, my!

    Tom Scearce
    1 Jul 2014 | 8:30 am
    Expansive feature lists can make any managed file transfer (MFT) solution sound attractive. But what counts are the features you’ll use, and identifying them prior to actually implementing MFT can generate a storm of confusion. While every organization should determine which features matter most to them, there are some components no MFT solution should be without. Some of those are antivirus protection, file integrity checks, and the ability to restart interrupted file transfers. Antivirus protection: Can…

    Infosec Communicator

  • The Secure Communicator

    bwadmin
    17 Aug 2014 | 1:39 pm
    I had the pleasure of discussing information security best practices for technical communicators through an STC webinar. Here’s the presentation: …
  • Updated Shock-proofing your Use of Social Media Presentation

    bwadmin
    15 Aug 2014 | 11:08 am
    I’ve updated my Shock-proofing your Use of Social Media presentation for the Fall 2014 New Student Orientation program at the Rochester Institute of Technology. I’ve changed the passphrase example, added a new cartoon, and generally worked to make the presentation …
  • A Techcomm Bestiary, Summit14 edition

    bwadmin
    7 May 2014 | 12:23 pm
    I’ve changed out one slide from the Spectrum14 presentation. Looking forward to presenting this to a crowd at the STC Summit in Phoenix. …
  • A Techcomm Bestiary, Spectrum 2014

    bwadmin
    21 Apr 2014 | 2:38 pm
    I thought this came together pretty well and I had a great time presenting my first revision of A Techcomm Bestiary at STC Rochester’s Spectrum 2014. I may make a couple of slide changes before the STC Summit, but this …
  • The Secure Communicator–upcoming webinar

    bwadmin
    17 Apr 2014 | 5:16 am
    Has the Heartbleed bug made you more aware of the challenges you face trying to protect confidential or private information online? I’ll address the impacts of Heartbleed and other threats to your security in “The Secure Communicator,” an STC Education …
 

    Dice News » Security

  • Can Defense Companies Hire Hackers on Their Terms?

    Mark Feffer
    13 Aug 2014 | 7:15 am
    Big-name aerospace and defense contractors like Boeing, Raytheon and Northrop Grumman are beginning to think that one answer to their cybersecurity recruiting needs  lies in the hacker community. After all, if you want to combat attacks from people who think out of the box, why not hire people who think out of the box? It’s ironic because all of these companies are known for being somewhat conservative—they work for the Defense Department, after all, and security to them is a high-stakes thing. The idea of recruiting from the ranks of the somewhat anarchic hacker community might seem…
  • IT Security Pros: Are You Worth a Million Dollars a Month?

    Nick Kolakowski
    30 Jul 2014 | 6:05 am
    Keith Alexander, former director of the National Security Agency (NSA), has decided to make money in retirement—a whole lot of money. According to reports, he wants corporations to pay him up to a million dollars a month for his IT security expertise. Alexander insists that he’s providing value for the money, in the form of proprietary technology that he claims will detect hackers who infiltrate corporate networks to steal everything from credit-card numbers to proprietary data. In a recent interview with Foreign Policy, he said that he and his business partners would file patents on the…
  • Internet of Things Increases Need for Security Pros

    Susan Hall
    21 Jul 2014 | 8:56 am
    The sheer number of “things” to be secured in the Internet of Things is expected to create a rash of jobs in cybersecurity over the next several years. “You’re going to have to secure the device or the sensor, you need to secure the data, and you’re going to have to secure that across an open network,” Intel’s head of business marketing, Stuart Dommett, told an IoT roundtable in May. “It really is a massive, massive change.” Intel has argued previously that the IoT, which is expected to see 26 billion connected devices by 2020,…
  • Is This New Cyber Forensics Certification Worth the Investment?

    Myra Thomas
    21 Jul 2014 | 8:14 am
    Continued pressure on cybersecurity systems is making professionals with security and forensic experience extremely attractive to employers. Not surprisingly, related certifications are gaining more attention, including one of the newer ones: the CCFP, or Certified Cyber Forensics Professional from the (ISC)². According to (ISC)² Executive Director W. Hord Tipton, the organization saw a need for a certification that was broader than those available for professionals working in and around law enforcement, intelligence, litigation, consulting and computer security. The CCFP’s target…
  • Cyberattacks Focus Employers on Security Certifications

    Myra Thomas
    9 Jul 2014 | 7:13 am
    Continuing cyberattacks like those mounted against Target, eBay and Apple are pressuring companies to emphasize security even more than they have been to date. When it comes to hiring, that’s adding to the importance of certifications in IT audit, security, governance and risk. In many cases, that importance is translating into pay premiums for professionals that hold the credentials. Among the certifications in greatest demand are those from ISACA, an international association that focuses on IT governance. Indeed, according to the most recent IT Skills and…

    Seculert Blog on Advanced Threats and Cyber Security

  • Enterprise Cybersecurity Strategy Moves CEOs “Front & Center”

    Liora R. Herman
    19 Aug 2014 | 6:10 pm
    In what he hails as a wake-up call for his fellow CEOs, Sentek Global’s Eric Basu’s latest article on Entrepreneur.com pointedly entitled “CEOs Can No Longer Sit By on Cybersecurity” is also a must-read for all executives who want their enterprise to avoid becoming the next example of failed cybersecurity – and making the headlines for […]
  • Closing the Cyber Security Skills Gap Requires More Money

    Liora R. Herman
    13 Aug 2014 | 4:38 pm
    A RAND report entitled “Hackers Wanted: An Examination of the Cybersecurity Labor Market” is advising organizations in general – and the US Federal Government in particular — that in order to stay at least one step ahead of the bad guys, they need to dole out more cash so they can recruit and retain desperately-needed […]
  • Cyber Threats: Assume You’ve Been Breached

    Liora R. Herman
    12 Aug 2014 | 2:58 pm
    A new video published by The Economist entitled “A Special Report on Cyber-security: Defending the digital frontier,” is sending an essential – albeit chilling – message to enterprises around the world: the smartest thing you can do is assume that your network defense system has already been breached by cyber threats. Referring to major developments […]
  • Takedowns: Touchdown or Turnover?

    Aviv Raff
    31 Jul 2014 | 5:00 am
    Over the last several months malware takedowns have made headlines. But what is really involved in such an operation? The recent takedowns have been a collaborative effort mostly between the private sector and government entities, with academic researchers also playing a role. While some operations included arrests, and others included a civil lawsuit, the same […]
  • How to Find and Remove the Cyber Attacker that Has Already Breached Your Defenses – White Paper

    Liora R. Herman
    30 Jul 2014 | 4:03 am
    For enterprises, the current cyber threat landscape is more perilous than ever — and things are only going to get worse. That’s because not only are today’s advanced threats designed to evade traditional legacy security systems, but the bad actors behind them are highly motivated, fully resourced, and well prepared. What’s more, they’re actively buying […]

    Managed File Transfer and Network Solutions

  • How to Setup High Availability File Transfer Servers

    John V.
    13 Aug 2014 | 4:50 pm
    Overview One of the challenges of setting up a high availability environment for transfer servers is in making sure the servers involved have the same configurations. But if you're using JSCAPE MFT Server, there's an easy way. JSCAPE MFT Server's Failover module allows you to synchronize your servers either automatically or manually with a single click.   Configuring Failover Settings on your JSCAPE MFT Server Let's say you have two JSCAPE managed file transfer servers and you want to achieve high availability file transfer services. The solution? Apply load balancing. Here's a…
  • Rotating and Archiving Logs in JSCAPE MFT Server

    John Carl Villanueva
    11 Aug 2014 | 6:51 pm
    Overview A client wanted to know if there was a more efficient way of archiving and/or deleting old log files to clear up some storage space on their managed file transfer server. They were currently doing things manually and he understandably wanted to adopt some form of automation. Fortunately, JSCAPE MFT Server offers a solution and we'd like to detail the steps here so that anyone else interested may also follow it. Warning We do not recommend that you delete logs. These can be very important for audit purposes, especially for companies who are subject to regulatory compliance. Instead of…
  • PayPal's Vulnerability Exposes Security Gap

    Chris Vale
    11 Aug 2014 | 8:59 am
    Major companies have been on the alert this year following the high-profile data breaches of several well-known companies, including Target and PF Chang's. Target's data breach, which affected 70 million customers in total, cost the company millions of dollars, as well as the value of consumer trust. Could trusted commerce website PayPal be potentially under fire, as well? Several weeks ago, researchers working at Duo Labs identified a vulnerability in PayPal's mobile security mechanism. Its two-factor authentication system is supposed to provide an extra layer of protection, combining…
  • 2 Ways to Generate an SFTP Private Key

    John Carl Villanueva
    5 Aug 2014 | 12:34 pm
    Overview One of the major security features of SFTP is public key authentication. This method of authentication allows JSCAPE MFT Server to verify a user's identity during login by asking for a secret item only he, the user, has. That something is an SFTP private key file. But how can a user get hold of such a file? In this post, we'll show you how. In fact, we'll show you two places where a private key file can be obtained.  The first place is in the Key Manager, which can be reached via the JSCAPE MFT Server Manager and hence can only be accessed by a server admin. The second place is…
  • How To Set Up and Login with OpenID SSO

    John Carl Villanueva
    5 Aug 2014 | 12:40 am
    Overview We already introduced you to the basic concepts and benefits of OpenID, SAML, and SSO in general. Today, we finally get our hands dirty as we dive into the JSCAPE MFT Server environment and teach you how to enable OpenID Web SSO there. After that, we'll show you how your users can login using their own OpenID account.  Ready? Let's get started. Setting Up OpenID Web SSO in JSCAPE MFT Server Before you set up OpenID Web SSO, make sure you've already enabled your JSCAPE MFT Server for web-based sessions. You can find instructions for enabling web-based sessions in the article How…
 

    Radware Blog

  • Improving Customer Value with Collaborative Design

    Travis Volk
    13 Aug 2014 | 8:41 am
    One challenge all business leaders have in common is the expectation to customize products and services for their largest customers.  Reflecting on several collaborative designs with my most demanding customers, I recognized a benefit in the process that was not obvious from the beginning — mutually beneficial relationships have gone beyond good support and competitive pricing.  Providing extensibility of solutions allowing customers to differentiate services has become necessary as framework consolidation and service velocity increases. Going further to meet the demands of our…
  • Why Do So Many Ecommerce Sites Make the Same Three Usability Mistakes?

    Tammy Everts
    4 Aug 2014 | 9:24 am
    If you work on an ecommerce site, you don’t need me to tell you that building and maintaining an online retail presence is fraught with challenges. Web pages are more dynamic and more complex than ever. And at the other end of the equation, shoppers have ever-increasing expectations for better prices, richer content, and faster experiences. Meeting these demands isn’t always easy, which is why, when we conducted our latest quarterly research into the performance of the top 500 retail websites, we weren’t completely surprised to learn that many of the top retailers are making…
  • A Mid-Year Recap: 2014 Network Security Predictions We Saw Coming

    Carl Herberger
    31 Jul 2014 | 8:24 am
    Several months ago, following an in-depth analysis of attack methods and defense techniques, the Radware Emergency Response Team (ERT), developed a set of network security predictions that the industry could face this coming year. Let’s take a look at their forecast and see where we stand now. Surge in critical infrastructure outages. Advanced countries are more likely to experience widespread cyber-attack disruptions to services like power generation, water supply and first responder services. Somewhat TRUE. The threat has been present, but fortunately security professionals have been able…
  • REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Summer 2014]

    Tammy Everts
    22 Jul 2014 | 6:37 am
    Here at Radware, our latest research into the performance and page composition of top retail sites finds that the year-over-year trend toward bigger pages that take longer to load has continued. The median top 100 ecommerce page takes 6.2 seconds to render its primary content, 10.7 seconds to fully load, and weighs in at 1677 KB. The result? The median page takes 27% longer to begin rendering than it did just one year ago. Keep reading to find out how to mitigate the impact of “page bloat” and deliver the best possible user experience to online customers. In…
  • 6 Types of DDoS Protection for Your Business

    David Monahan
    14 Jul 2014 | 7:55 am
    David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger. DDoS attacks have become commonplace these days.  The offending attackers may be hacktivists, cyber-criminals, and nation states or just about anyone else with an Internet grudge and a PayPal or Bitcoin account.  These attacks themselves often require no technical skill.  Someone with a bone to pick can simply purchase the use of any number of nodes on one or more botnets for an hourly fee (long term rate discounts available); use a Graphical User Interface (GUI) to organize the…

    pfSense Setup HQ

  • Unbound DNS: Additional Settings

    maximumdx
    19 Aug 2014 | 6:00 am
    In the previous article, we introduced Unbound and covered some of the most common settings. In this article, we will cover some additional settings. Under Services -> Unbound DNS, the “Unbound DNS Settings” tab has a subheading called “Statistics”. Unbound provides various statistics relating to the number of queries that Unbound handles. These statistics are printed to the Unbound log file, which can be found at /var/log/unbound.log. This log file is viewable via Status: Package logs or via the command line using the command “clog”. There are a few…
  • Unbound DNS

    maximumdx
    15 Aug 2014 | 6:00 am
    Configuring Unbound DNS in pfSense. Unbound DNS is a validating, recursive and caching DNS server software product. The C implementation of Unbound is developed and maintained by NLnet Labs, and is based on ideas and algorithms taken from a Java prototype developed by Verisign labs, Nominet, Kirei, and ep.net. It is distributed free of charge under the BSD license. Unbound can run as a server, as a daemon in the background, answering DNS queries from the network. Alternatively, it can link to an application as a library, and answer DNS queries for the application. Here, we are concerned with…
  • Securing Ports and Services

    maximumdx
    11 Aug 2014 | 6:30 am
    A computer system that is not connected to a network is a rarity. While this provides some flexibility in terms of remote services, data and information that are available, it also brings considerable risks. It is probably correct to assume that any computer connected to a network is in danger of being attacked in some way. Secure computer environments, in many cases used by government defense organizations, often have no contact with the outside world, even if they are networked to each other, and as a result, they often have greater success in securing ports and services. The predominant…
  • Software Exploits

    maximumdx
    4 Aug 2014 | 2:00 pm
    A software exploit is a piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur. Software applications and the operating systems on which they run are vastly complex entities. Regardless of how carefully written and thoroughly tested a piece of software is, it typically will contain bugs or vulnerabilities that can be exploited. Such software exploits frequently include things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack. Types of…
  • TCP/IP Hijacking

    maximumdx
    30 Jul 2014 | 2:00 pm
    TCP/IP hijacking is a technique that uses spoofed packets to take over a connection between a victim and a host machine. It is similar to a man-in-the-middle attack, except that the rogue agent sends a reset request to the client so that the client loses contact with the server while the rogue system assumes the role of the legitimate client, continuing the session. This technique is especially useful when the victim uses a one-time password to connect to the host machine. A one-time password can, as its name implies, be used to authenticate once and only once; thus, sniffing the…

    Tips4Tech Blog

  • Is Your Business Ready for the Cloud?

    Allan Pratt
    2 Aug 2014 | 10:17 am
    These days, wherever you go, there’s always someone extolling the virtues of cloud computing. How often has someone at your monthly C-Suite meeting said, “Cloud computing is the answer to XYZ?” But then the conversation takes an unintended turn, and the focus never returns to defining either the question or the answer. According to Wikipedia, cloud computing is “the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network…
  • Does Your Business Conduct Regular Security Audits? Here Are 3 Tips

    Allan Pratt
    15 Jul 2014 | 5:36 pm
    Thanks to the numerous security breaches in the news, the C-suite members of your business should be thinking about regular security audits. While size does matter, the more employees you have and the more data you generate, security audits are critical to the long-term stability of your business. And remember, no one is immune to a data breach. Wondering where to start? Check physical security first. Then work your way in. The simplest way to steal data is to steal the device where it’s stored. You would be surprised by the number of businesses that don’t do the easy things. They…
  • Address Books, Webmail and the Cloud

    Allan Pratt
    9 Jul 2014 | 8:17 pm
    To All businesses Who Use Address Books on Webmail: stop and learn why your data may be at risk. Instead of Webmail, use a third-party email client such as Outlook or Thunderbird. Recently, I was hacked. No one is immune – even those of us in the infosecurity field can get hacked. The situation occurred in an email account that I use for professional correspondence outside of my day job. I have a client in the medical profession who uses Gmail for his email correspondence, and recently, the doctor was hacked. He keeps all of his patient email addresses as well as friends and family in the…
  • Does Your Business Fail the Customer Privacy Test?

    Allan Pratt
    27 Jun 2014 | 10:01 pm
    I had a recent experience where my privacy was compromised, and based on the inaction by the company, I wonder how many experiences I encounter that are not as obvious. I visited a local branch of a national financial institution to make a deposit (yes, I still walk into banks every now and then), and after I gave my endorsed check and deposit slip to the teller, he placed them face down into a clear plastic box that was in front of him. The box was in clear view of the customer opposite him (me). If the next customer did not make a deposit, no papers would go into the box to cover my items.
  • 5 Ways to Prepare for Data Breaches – Before It’s Too Late

    Allan Pratt
    2 Jun 2014 | 8:34 pm
    I read a recent post that has stuck with me. The question raised was how do businesses, especially midsize businesses, budget for insider threats: “Midsize firms simply cannot afford data breaches, no matter what the cause. [But] a company that considers insider threats can take preventive steps. Employees may require access to sensitive information to remain productive, but ensuring that appropriate security steps are taken is KEY to keeping a firm running as smoothly as possible.” While applying policies such as “least privilege” or “implicit deny” may help keep the…
 

    blackstratus.com

  • Traditional and Software-Defined Networking

    Rich Murphy
    5 Aug 2014 | 3:00 am
    Software-defined networking (SDN) has emerged as a buzzword in recent years, though many outside of the IT sector seem uncertain about what the term actually means — especially in relation to cloud computing. What Is Software-Defined Networking? Software-defined networking was pioneered between 2008 and 2011 by work done at Stanford University and the Nicira Company (now part of VMware). The basic premise behind SDN is that by separating control of network functions from hardware devices, administrators acquire more power to route and direct traffic in response to changing requirements. As…
  • Understanding Cloud Security Models

    Don Carfagno
    22 Jul 2014 | 2:00 am
    When speaking about security and cloud computing, it’s important to distinguish among three separate models for service delivery: public, private and hybrid. Each model represents a different approach to software-as-a-service and can have different security implications. The public cloud — Public cloud service is delivered over the Internet, typically on a pay-per-use model, meaning a business is charged only for the storage it needs. Public cloud models are ideal for small- or medium-sized organizations that prioritize collaboration. Because public cloud service providers rely on…
  • How to Implement Server Virtualization in Your Business

    Rich Murphy
    1 Jul 2014 | 3:00 am
    In a business environment where IT managers are constantly being asked to do more with less, server virtualization represents an easy way to maximize your existing resources. Although server virtualization has gained popularity in recent years, there’s still some confusion about how it works, what the benefits are and how to get started. Let’s take a look at some of the best ways to implement server virtualization in a small or medium sized business environment. What Is Server Virtualization? Server virtualization is a process when a physical server is segmented into a number of…
  • Security and Operational Efficiency

    Don Carfagno
    27 Jun 2014 | 11:47 am
    Too often, IT managers think of their job in terms of striking a balance between institutional security and operational efficiency. The truth is, however, that an agile security posture will be easy and cost-effective to maintain while still providing complete protection of your data, applications and other valuable assets. In fact, the key to efficient, effective security is not necessarily to throw money at the problem, but to prioritize how and when resources are deployed. Some areas to focus on include: User training: Many IT managers assume that users will know how to securely access…
  • 17 Best Practices for Maintaining Data Security in a Business Environment

    Rich Murphy
    9 Jun 2014 | 6:57 am
    No matter what business you’re in, protecting your data from threats and accidental compromises is a critical concern. Several recent high-profile incidents have exposed just how vulnerable retailers, educational facilities, government contractors and other organizations are. According to Forbes Magazine, corporate network security is an over $60 billion industry. However, before you invest in the latest expensive technology, it’s important to plan properly. This will help you make the most of your budget without compromising the level of protection your intellectual property,…

    Milton Security

  • Community Health Systems Hit by Data Breach. 4.5 Million Affected

    Bethany Nolan
    18 Aug 2014 | 10:07 am
    Community Health Systems, Inc. has confirmed that its computer network was the target of an external, criminal cyber attack between April and June of this year that has affected the data of approximately 4.5 million people. Community Health Systems is a Fortune 500 company that provides non-urban general hospital healthcare services. It operates 209 hospitals in 29 states. The company believes the attacker was an “Advanced Persistent Threat” group originating from China using highly sophisticated malware and technology to attack the systems within the company. They were able to bypass…
  • Robin Williams “Suicide Note” Dupes Facebookers

    Bethany Nolan
    18 Aug 2014 | 9:33 am
    If you’re anything like me, you spent most of last week clicking on every Robin Williams link you could get your hands on.  Jimmy Fallon’s impression of Robin Williams is pretty incredible, and if you didn’t tear up watching Mr. Williams and Koko the Gorilla, you may need your tear ducts checked. Luckily for me, I work in Information Security and am skeptical about every link I see.   I make sure that what I’m clicking on comes from a reliable source and that the link can be found in multiple trusted places. Not everyone is so fortunate. This isn’t the first time I’ve discussed…
  • Anonymous and Police disagree on the name of the Ferguson shooter

    Bethany Nolan
    15 Aug 2014 | 8:54 am
    Members of the worldwide hacktivist group, Anonymous, have made it their mission to uncover the name of the Ferguson, Missouri law enforcement officer involved in a shooting, and they have achieved their goal.  Or have they?  Ferguson police are saying they’ve got it wrong. On Saturday, August 9th, an 18 year old African American male, Michael Brown, allegedly assaulted a police officer. The police report states that Brown was unarmed, but during the tussle he reached for the officer’s gun. Shots were fired, and Brown was fatally wounded. However, eyewitness and police accounts…
  • Snowden makes more claims against NSA

    Bethany Nolan
    14 Aug 2014 | 10:09 am
    Edward Snowden, who doesn’t really need an introduction anymore, is making new claims regarding the NSA. Back in November 2012, Syria, in the midst of civil war, suddenly lost all internet connection. Panic ensued, and the internet didn’t come back up for almost a day. At the time, hackers from both sides had been attacking websites belonging to their opposers. It was widely assumed that one or both sides were responsible. Edward Snowden is claiming otherwise. Snowden is claiming that our very own NSA was responsible for the Syrian Internet blackout. According to an interview in popular…
  • Super High Res Image Satellite is Launched

    Bethany Nolan
    13 Aug 2014 | 2:35 pm
    Companies with satellite maps, such as Google and Microsoft, are about to gain the ability to have an even clearer vision of Earth. A satellite capable of taking the highest legal resolution images, has today been launched in to space from California’s Vandenberg Air Force Base onboard an Atlas 5 rocket by Lockheed Martin Commercial Launch Services. Up until June 2014, the highest resolution images a satellite could sell legally was 50cm-resolution. It was legal to provide such imagery for the US Government and NASA. However, The Commerce Department approved leading high-resolution…

    Cyberoam : Securing You

  • Remote Code Execution Vulnerability Found in Samba nmbd

    Cyberoam Threat Research Labs
    8 Aug 2014 | 5:10 am
    According to an advisory released by Samba, all its versions are affected by a heap-based buffer overflow flaw, which was detected in Samba’s NetBIOS name services daemon (nmbd). In extreme cases, this vulnerability can allow intruders to gain super-user permissions on a network. Samba enables file and print services between Microsoft Windows machines and those which have a different OS. It is a free open source implementation of the SMB/CIFS networking protocol. The nmbd and smbd daemons are part of the Samba suite controlled by the smb (Server Message Block) service. The primary…
  • Cyberoam Secures Against Backdoor.Linux.Kiler.A Malware

    Cyberoam Threat Research Labs
    5 Aug 2014 | 3:58 am
    Backdoor.Linux.Kiler.A – the malware which affects Linux Distros and Linux Kernel Project – is now neutralised by IPS upgrade version 3.11.76. Cyberoam Threat Research Labs had reported the malware earlier in July 2014. The latest IPS Release includes 62 signatures which address 40 vulnerabilities including this malware. Cyberoam customers with active Intrusion Prevention System subscription on their UTMs/NGFWs will automatically receive this upgrade. The Cyberoam Intrusion Prevention System shields the network from known attacks by matching the network traffic against the signatures in the…
  • Crypto Currency Mining Using Free Cloud Accounts!

    Cyberoam Threat Research Labs
    4 Aug 2014 | 10:40 pm
    Cloud offers endless opportunities to people who want to cut their computer infrastructure costs. Firms can consolidate multiple applications by hosting in highly virtualised data centres. They can achieve economies of scale by using the multi-tenancy feature offered by Cloud. Due to its benefits, Cloud is rapidly being adopted by businesses across all sectors. In fact, these days one can use a Cloud service to mine crypto currencies. There are numerous Cloud companies in the business offering such a service. With Cloud mining, one can benefit from the shared processing power of several…
  • Cyberoam Secures Against Dropbox Malware KDR_PLUGX.ZTBF-A

    Cyberoam Threat Research Labs
    1 Aug 2014 | 3:40 am
    A few weeks ago, Cyberoam had reported the targeted attack against a government agency in Taiwan. The malware was named ‘KDR_PLUGX.ZTBF-A’ and the targeted attack is known as the first attack to use a cloud service (Dropbox) as a host for updates to the C&C centre. Cyberoam has now released IPS signatures in IPS upgrade 3.11.75, for runtime detection of this malware. Signature release date: 29.07.2014 Upgrade type: Auto upgrade for Cyberoam Appliances Signature name:  Malware Backdoor.Win32.Plugx.H Runtime Detection Default Action: Drop The Cyberoam Intrusion Prevention System…
  • Malware Alert – Ransomware Win32/Critroni.A Found Leveraging Tor Network

    Cyberoam Threat Research Labs
    31 Jul 2014 | 11:26 pm
    The US Department of Justice recently declared that it has finally neutralized Cryptolocker; now it has to deal with a new ransomware spread via Angler Exploit Kit, which has been identified by Windows as Trojan.Win32.Critroni.A. It’s a high severity malware that can prevent users from using their PC or accessing any data on it. Users affected by this malware will receive a message to pay ransom to the hackers, which is not a recommended option as it doesn’t guarantee freedom from its menace. Reassuringly, an advisory published on Microsoft website says that “Microsoft security software…
 