Tech Republic Security
DECEMBER 21, 2016
The coming year will bring a large-scale IoT security breach, with fleet management, retail, manufacturing, and government at the biggest risk, according to experts.
Adam Shostack
DECEMBER 21, 2016
Image credit: Bill Anders, Apollo 8 , launched this day, Dec 21, 1968.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Scary Beasts Security
DECEMBER 5, 2016
Overview In a previous blog post, I disclosed CESA-2016-0002 , an 0day vulnerability (without exploit) in the vmnc decoder of the gstreamer media subsystem, which is installed by default in Fedora. Because a Fedora fix was somewhat slow in coming, I decided to attempt to exploit this vulnerability. This would have to be another scriptless vulnerability.
NopSec
DECEMBER 13, 2016
Growing up as a kid in the 80’s ransom used to be a simple thing. A bad person with a foreign accent would kidnap the loved one(s) of a square-jawed, wealthy protagonist and demand a large sum of money for their safe return. But kidnapping someone’s significant other, their child, or even their beloved pet chihuahua is risky business. The criminals have to first identify a wealthy individual, then get physically close to kidnap the target without being seen or caught in the process.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Kali Linux
DECEMBER 1, 2016
We’re happy to announce that we’ve once again listed our Kali Linux images on the Amazon AWS marketplace. You can now spin up an updated Kali machine easily through your EC2 panel. Our current image is a “full” image, which contains all the standard tools available in a full Kali release. Once your instance is running, connect to it with your SSH private key using the “ ec2-user ” account.
Spinone
DECEMBER 28, 2016
99.9% of companies in the United States are small businesses that give jobs to almost 50% of local employees. SMBs are a great powerhouse of the US economy. Today we’ll be discussing Google Workspace (former G Suite), arguably the most popular business SaaS application for small and medium businesses. In particular, this guide will explain […] The post How to Upgrade From Google Workspace Basic to Business first appeared on SpinOne.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Adam Shostack
DECEMBER 29, 2016
There’s some really interesting leaked photos and analysis by Charles Goodman. “ Leaked photos from the Rogue One sequel (Mainly Speculation – Possible Spoilers).
Scary Beasts Security
DECEMBER 5, 2016
Overview A part of any intellectually honest full disclosure experiment is to disclose the less interesting findings alongside the more serious issues and exploits. Accordingly, if you were looking for spectacular 0day exploits, this is not the post you are looking for. If you’re generally interested in software failure conditions, though, here’s a bunch.
Privacy and Cybersecurity Law
DECEMBER 21, 2016
Canada’s Anti-Spam Law came into force on July 1, 2014. Since then, all eyes have been on the Canadian Radio-television and Telecommunications Commission […].
Penetration Testing
DECEMBER 2, 2016
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and... The post Nikto v2.5 releases – WebAPP Penetration Testing Tool appeared first on Penetration Testing.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Spinone
DECEMBER 28, 2016
Learn how to upgrade G Suite Basic to Business in our detailed guide for new business owners and founders. Also, find out how to protect your data. On April 22, 2007 Google launched the professional package of Google Apps for Enterprise. Since then, more than 6 million companies around the world are using Google Apps […] The post How to Upgrade G Suite Basic to Business: Detailed Guide first appeared on SpinOne.
Tech Republic Security
DECEMBER 13, 2016
From internal threats to creative ransomware to the industrial Internet of Things, security experts illuminate business cybersecurity threats likely to materialize in the next year.
Adam Shostack
DECEMBER 15, 2016
[Dec 20 update: The first draft of this post ended up with both consumer and enterprise advice, which made it complex. The enterprise half is now on the IANS blog: Never Waste a Good Crisis: Yahoo Edition.]. Yesterday, Yahoo disclosed that attackers broke into Yahoo in 2013 and stole details on a billion accounts. Brian Krebs summarizes what was taken, and also has a more general FAQ.
Scary Beasts Security
DECEMBER 13, 2016
Overview TL;DR: full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out of Super Nintendo Entertainment System emulation via cascading side effects from a subtle and interesting emulation error. Very full details follow. [ UPDATE 13 Dec 2016 -- a couple of competent readers inform me that I've named the wrong processor!
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Privacy and Cybersecurity Law
DECEMBER 3, 2016
As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department […].
NopSec
DECEMBER 7, 2016
Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? If you’ve read cybersecurity news lately, you’ve probably heard that it’s back. This time, Shamoon disrupted servers at several Saudi government agencies. When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.
Spinone
DECEMBER 8, 2016
Cybersecurity is often overlooked by small business, but over 60% of cyber attacks are targeted at small to medium-sized businesses. Small businesses are attractive to hackers because they usually do not have the sophisticated security systems that are in use by larger organizations. They are also likely to have more digital assets than individual users […] The post Google Workspace Security Insurance for SMB first appeared on SpinOne.
Tech Republic Security
DECEMBER 9, 2016
Law enforcement has trained special dogs to find hidden thumb drives and cell phones that human investigators routinely miss, and it's foiling predators, terrorists, and other criminals.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Adam Shostack
DECEMBER 12, 2016
This quote from Bob Iger, head of Disney, is quite interesting for his perspective as a leader of a big company: There is a human side to it that I try to apply and consider. [But] the harder thing is to balance with the reality that not everything is perfect. In the normal course of running a company this big, you’re going to see, every day, things that are not as great as you would have hoped or wanted them to be.
Tech Republic Security
DECEMBER 7, 2016
One of the elephants in the room at the 2016 Smart Cities Summit in Boston was cybersecurity. It threatens to derail the most optimistic plans for making cities more efficient and more responsive.
Tech Republic Security
DECEMBER 7, 2016
We're constantly reminded of the risks that come with bad passwords, yet many people persist in using obvious and easy-to-crack names, words, and patterns. Want to know if you're at risk?
Tech Republic Security
DECEMBER 6, 2016
Here are five things that might convince you to care about your personal data, even if you think you don't.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Tech Republic Security
DECEMBER 1, 2016
In 2016 ransomware, phishing, and IoT attacks pummeled business and consumers alike. What cybersecurity trends will emerge in 2017? Take our survey to share your opinion about emerging hacker trends.
Tech Republic Security
DECEMBER 7, 2016
A hand-picked list of must-watch cybersecurity videos to help you learn the fundamentals of encryption, how hackers penetrate systems, and strong cyber-defense tactics for business.
Tech Republic Security
DECEMBER 9, 2016
BlackBerry recently unveiled BlackBerry Secure, a new security platform that hopes to help organizations more effectively manage smartphones and connected devices.
Tech Republic Security
DECEMBER 5, 2016
If you've been waiting for encrypted email to arrive on Chrome OS, thanks to Android apps, it is now ready for prime time. Jack Wallen shows to make this so.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Tech Republic Security
DECEMBER 7, 2016
Small businesses run lean, and bad guys know that means security may be less than adequate. NIST researchers share ways that small businesses can protect their information.
Tech Republic Security
DECEMBER 6, 2016
This year thousands of cyber-attacks cost companies millions in damages and exposed billions of sensitive consumer and corporate records. These are the 10 biggest business hacks of 2016.
Tech Republic Security
DECEMBER 9, 2016
If your Apache 2 web server is failing to execute PHP files, learn how to quickly remedy this issue.
Tech Republic Security
DECEMBER 2, 2016
The Android Mediaserver is back in the critical column for vulnerabilities. Get the highlights of the November 2016 bulletin.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Expert insights. Personalized for you.
167 
Let's personalize your content