Monthly Archives: April 2019
Password Managers: Devil’s in the Details
By Mark Lenke How Can Giving All Your Passwords To a Password Manager Be Safe? Passwords are unequivocally the most used entry point to anything online. Ubiquitous, and the most […]
Why You May Be the Next Equifax or Marriott Type Data Breach
By Randy Reiter, CEO, SQL Power Tools In 2018 there were 1,200+ data breaches in the United States with over 446.5 million records stolen. According to IBM, the average cost […]
DNS hijacking campaigns target Gmail, Netflix, and PayPal users
Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Experts at Bad Packets uncovered a […]
Finally: A Truly Trustworthy Password Management System
Why your password manager is vulnerable By Patrick Tardif, Founder, PasswordWrench Inc. According to 87% of 517 IT security professionals who attended the RSA Conference 2019, the world is currently […]
Managing Enterprise Mobile Security
By Julian Weinberger, NCP engineering From apps that know our every move to cookies that track each browsing session – our smartphones are constantly spying on us. These days, most […]
HTTPS — what kind of data is not protected by default
How HTTPS can protect your data and that information is at risk. By Pedro Tavares, Founder of CSIRT.UBI & Cyber Security Blog seguranca-informatica.pt Currently, web traffic adopted a standard […]
Why changing your mindset on your biggest ICS risk is essential?
In a world full of threats, cybersecurity staffing could be the leading risk. By Karl Sharman, Vice-President, BeecherMadden 58% of the companies surveyed by Kaspersky (2018) classify it as a […]
Emerging trends and cyber security best practices for businesses in 2019
Cybersecurity strategies, identity access management, BYOD, and artificial intelligence By Giridhara Raam, Product Evangelist, Manage Engine There was massive technological growth in 2018; things like artificial intelligence and block chains […]
Seven Myths about Security Orchestration
By Abhishek Iyer, Technical Marketing Manager, Demisto Since security orchestration is still an evolving space with competing definitions and maturing feature sets, there are some misconceptions that exist about its […]
Ghidra explained
A SOPHISTICATED TOOL WITH FAR-REACHING IMPLICATIONS By Dr. Wesley McGrew, Director of Cyber Operations, HORNE Cyber On March 5, the National Security Agency (NSA) officially released Ghidra, a software suite […]
AWS, The Cloud & Security – 5 Things You Should Know About Before Investing In The Cloud
More businesses are looking towards investing in operating on the cloud. The benefits are too good to pass on. From increased security, streamlined pipelines, and easier deployment and control. There […]
New XLoader variant leverage Twitter to hide C2 addresses
Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant […]
26k+ Kibana Instances exposed Elasticsearch databases online
Security expert discovered thousands of unsafe Kibana instances that are exposed online, the news was first reported by colleagues at THN. Kibana is an open source data visualization plugin for Elasticsearch. It […]
Standardizing Security: Mitigating IoT Cyber Risks
(Part I of an II Part Series) By Daniel Jetton, Vice President of Cyber Services, OBXtek And Carter Simmons, Deputy Program Manager, OBXtek Introduction We, in America, are fully immersed […]
What is an Information Security Policy Architecture?
By Sandy Bacik, Senior Compliance & Cyber Security Auditor, CipherTechs, Inc. In general, policy[1] is the guidance of behavior for anyone or anything defined in scope. An information security policy […]
Protecting Open Source Growth in Cyber security through Patent Non-Aggression
By Keith Bergelt, CEO of Open Invention Network According to Cybersecurity Ventures, between 2017 and 2021, more than $1 trillion will have been cumulatively spent on cybersecurity products and services. […]
How to Prevent Cyber security Disaster in 2019
By Limor Wainstein, Technical writer Cybercrime is possibly the ideal crime: very profitable, scalable and relatively low risk. As our lives become more dependent on the online world, it is […]
Why Does Expert Knowledge Matter?
By Milica D. Djekic Before you make a decision to begin any security task – you need to think hard how to approach any concern being correlated with that job. […]
The Missing Link in Supply Chain Security – Trusted Physical-Digital Binding
By Eric Sharret, Government/ Defense Lead, DUST Identity Eric Sharret is the Government and Defense Lead at DUST Identity, a leader in supply chain security. DUST Identity is the only […]
The Future of Infosec: Virtualization Will Complement Real-Time Packet Capture
This is the second of two articles on packet capture and its vital role in network cybersecurity. The focus is on why organizations should move their InfoSec tools to an open […]
Network vulnerability assessment for eCommerce solutions
By Uladzislau Murashka, Certified Ethical Hacker at ScienceSoft Discover how network vulnerability assessment can assist in reaching a proper security level of a complex eCommerce ecosystem. Network vulnerability assessment for eCommerce […]
Investigator told Saudis hacked into Amazon CEO Jeff Bezos’ phone
The phone of the Amazon chief was hacked by Saudi Arabian authorities interested in access to his personal data, revealed the investigator hired by Jeff Bezos. Gavin de Becker, the […]
Four Corporate Email Oversights That Put Your Organization at Risk
By Morey Haber, CTO, BeyondTrust As part of onboarding, new hires typically sign an employee handbook which includes policies and guidelines for acceptable information technology usage. Within the details, are […]
Why You Don’t Need (or Want) a SIEM Tool
By Tony Bradley There are a lot of things that sound good on paper, but don’t work out as planned in practice: Hot dog buns that are sliced on the top, […]
How Cyber Criminals Capitalized on the 2018 Holiday Shopping Season
By Jordan Herman, threat researcher, RiskIQ The 2018 holiday shopping season was a financial boon for retailers, but threat actors filled their pockets too. The flurry of shopping activity saw […]
Cyber criminals are searching for the chink in your armor
Learn to find it before they do Source: Regent University Cybercrime is nothing if not dynamic. As soon as bad actors are identified by local site personnel—whether they are adversarial nation […]
Navigating the ‘cloudy’ sky
By Raj Samani, the Chief Scientist at McAfee Cloud services are nearly ubiquitous, with 97% of worldwide IT professionals surveyed using some type of cloud functions in their organization, up […]
Millions of Toyota customer records exposed in data breach
Toyota Motor Corporation (TMC) sales subsidiary and its affiliates suffered a data breach that exposed personal information of millions of customers in Japan. The week closes with the news of […]
How to assess and audit your risk?
By Milica D. Djekic Dealing with the risk is not an easy challenge By the risk, we could mean the likelihood that something wrong could happen with our IT infrastructure. […]
You can’t stop all malware, but you can stop the damage
By Teresa Wingfield, Director of Product Marketing at Nyotron Organizations cannot stop all malware with today’s endpoint security technologies, but they can mitigate the damage that malware intends to cause. […]