December, 2016

Experts predict 2017's biggest cybersecurity threats

Tech Republic Security

From internal threats to creative ransomware to the industrial Internet of Things, security experts illuminate business cybersecurity threats likely to materialize in the next year.

Rogue One Sequel already being filmed!

Adam Shostack

There’s some really interesting leaked photos and analysis by Charles Goodman. “Leaked photos from the Rogue One sequel (Mainly Speculation – Possible Spoilers).

[1day] [PoC with $rip] Deterministic Linux heap grooming with huge allocations

Scary Beasts Security

Overview: In a previous blog post, I disclosed CESA-2016-0002, an 0day vulnerability (without exploit) in the vmnc decoder of the gstreamer media subsystem, which is installed by default in Fedora. Because a Fedora fix was somewhat slow in coming, I decided to attempt to exploit this vulnerability. This would have to be another scriptless vulnerability.

Kali Linux in the AWS cloud, again

Kali Linux

We’re happy to announce that we’ve once again listed our Kali Linux images on the Amazon AWS marketplace. You can now spin up an updated Kali machine easily through your EC2 panel. Our current image is a “full” image, which contains all the standard tools available in a full Kali release. Once your instance is running, connect to it with your SSH private key using the “ec2-user” account.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

How to Upgrade From Google Workspace Basic to Business

Spinone

99.9% of companies in the United States are small businesses that give jobs to almost 50% of local employees. SMBs are a great powerhouse of the US economy. Today we’ll be discussing Google Workspace (former G Suite), arguably the most popular business SaaS application for small and medium businesses. In particular, this guide will explain […] The post How to Upgrade From Google Workspace Basic to Business first appeared on SpinOne.

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? If you’ve read cybersecurity news lately, you’ve probably heard that it’s back. This time, Shamoon disrupted servers at several Saudi government agencies. When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Seeing the Big Picture

Adam Shostack

This quote from Bob Iger, head of Disney, is quite interesting for his perspective as a leader of a big company: There is a human side to it that I try to apply and consider. [But] the harder thing is to balance with the reality that not everything is perfect. In the normal course of running a company this big, you’re going to see, every day, things that are not as great as you would have hoped or wanted them to be.

[1days] [0days] [PoCs] More gstreamer FLIC / vmnc issues

Scary Beasts Security

Overview: A part of any intellectually honest full disclosure experiment is to disclose the less interesting findings alongside the more serious issues and exploits. Accordingly, if you were looking for spectacular 0day exploits, this is not the post you are looking for. If you’re generally interested in software failure conditions, though, here’s a bunch.

Nikto v2.5 releases – WebAPP Penetration Testing Tool

Penetration Testing

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and... The post Nikto v2.5 releases – WebAPP Penetration Testing Tool appeared first on Penetration Testing.

How to Upgrade G Suite Basic to Business: Detailed Guide

Spinone

Learn how to upgrade G Suite Basic to Business in our detailed guide for new business owners and founders. Also, find out how to protect your data. On April 22, 2007 Google launched the professional package of Google Apps for Enterprise. Since then, more than 6 million companies around the world are using Google Apps […] The post How to Upgrade G Suite Basic to Business: Detailed Guide first appeared on SpinOne.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Private Right of Action under CASL coming July 2017

Privacy and Cybersecurity Law

Canada’s Anti-Spam Law came into force on July 1, 2014. Since then, all eyes have been on the Canadian Radio-television and Telecommunications Commission […].

Learn cybersecurity basics with these essential YouTube videos

Tech Republic Security

A hand-picked list of must-watch cybersecurity videos to help you learn the fundamentals of encryption, how hackers penetrate systems, and strong cyber-defense tactics for business.

Do Games Teach Security?

Adam Shostack

There’s a new paper from Mark Thompson and Hassan Takabi of the University of North Texas. The title captures the question: Effectiveness Of Using Card Games To Teach Threat Modeling For Secure Web Application Developments. Gamification of classroom assignments and online tools has grown significantly in recent years. There have been a number of card games designed for teaching various cybersecurity concepts.

Redux: compromising Linux using... SNES Ricoh 5A22 processor opcodes?!

Scary Beasts Security

Overview: TL;DR: full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out of Super Nintendo Entertainment System emulation via cascading side effects from a subtle and interesting emulation error. Very full details follow. [UPDATE 13 Dec 2016 -- a couple of competent readers inform me that I've named the wrong processor!

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Your Money or Your File(s)!

NopSec

Growing up as a kid in the 80’s ransom used to be a simple thing. A bad person with a foreign accent would kidnap the loved one(s) of a square-jawed, wealthy protagonist and demand a large sum of money for their safe return. But kidnapping someone’s significant other, their child, or even their beloved pet chihuahua is risky business. The criminals have to first identify a wealthy individual, then get physically close to kidnap the target without being seen or caught in the process.

How to Upgrade Your Individual Account to Business

Spinone

On April 22, 2007 Google launched the professional package of Google Apps for Enterprise. Since then, more than 6 million companies around the world are using Google Apps for managing their business. So what has been the secret of Google’s success? In my opinion, it’s as a result of ongoing service & security improvements, along with enhanced capabilities that require only a nominal amount of additional IT resources.

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

Privacy and Cybersecurity Law

As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department […].

4 ways your company can avoid Yahoo-level stupidity in enterprise security

Tech Republic Security

Yahoo recently confirmed a leak of one billion accounts, adding to its growing list of security woes. Here are four actions your company can take to prevent a similar debacle.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Incentives, Insurance and Root Cause

Adam Shostack

Over the decade or so since The New School book came out, there’s been a sea change in how we talk about breaches, and how we talk about those who got breached. We agree that understanding what’s going wrong should be a bigger part of how we learn. I’m pleased to have played some part in that movement. As I consider where we are today, a question that we can’t answer sufficiently is “what’s in it for me?

Gallery: The 10 biggest business hacks of 2016

Tech Republic Security

This year thousands of cyber-attacks cost companies millions in damages and exposed billions of sensitive consumer and corporate records. These are the 10 biggest business hacks of 2016.

Worried about identity theft? Then you should avoid these password pitfalls

Tech Republic Security

We're constantly reminded of the risks that come with bad passwords, yet many people persist in using obvious and easy-to-crack names, words, and patterns. Want to know if you're at risk?

Here are the biggest IoT security threats facing the enterprise in 2017

Tech Republic Security

The coming year will bring a large-scale IoT security breach, with fleet management, retail, manufacturing, and government at the biggest risk, according to experts.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

The smart city security nightmare: How cities can stay awake

Tech Republic Security

One of the elephants in the room at the 2016 Smart Cities Summit in Boston was cybersecurity. It threatens to derail the most optimistic plans for making cities more efficient and more responsive.

What new cybersecurity trends will dominate 2017?

Tech Republic Security

In 2016 ransomware, phishing, and IoT attacks pummeled business and consumers alike. What cybersecurity trends will emerge in 2017? Take our survey to share your opinion about emerging hacker trends.

Snowden blasts US justice department, says Petraeus leaks 'far more highly classified' than his own

Tech Republic Security

In a recent interview with Yahoo's Katie Couric, former NSA contractor Edward Snowden spoke about how he believes justice in the US is 'two-tiered.'

Digital forensics: The smart person's guide

Tech Republic Security

This comprehensive guide covers everything you need to know about digital forensics, the science of recovering data from computers, networks, mobile phones, and IoT devices.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

NIST's Cybersecurity Framework offers small businesses a vital information security toolset

Tech Republic Security

Small businesses run lean, and bad guys know that means security may be less than adequate. NIST researchers share ways that small businesses can protect their information.

BlackBerry Secure: IoT security goes mobile with new enterprise platform

Tech Republic Security

BlackBerry recently unveiled BlackBerry Secure, a new security platform that hopes to help organizations more effectively manage smartphones and connected devices.

How to use PowerShell to investigate Windows Defender's malware signature definitions database

Tech Republic Security

What malware does Windows Defender recognize? Learn how to use PowerShell's Defender cmdlets to peek inside the malware signature definitions database.

How to gain encrypted email on the Chromebook

Tech Republic Security

If you've been waiting for encrypted email to arrive on Chrome OS, thanks to Android apps, it is now ready for prime time. Jack Wallen shows how to make this so.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.