March, 2015

article thumbnail

Vagrant Boxes: Private Vagrant Box Hosting With Easy Versioning

NopSec

At NopSec, we are using vagrant and packer to spin up local dev environments and build our instances across the various hypervisor and cloud providers we use. We have packer scripts that build our VirtualBox and VMware images used in local development and our various instances used in our cloud providers. An issue I had to solve recently was how best to share development vagrant boxes within our team.

article thumbnail

Operating System Vulnerabilities, Exploits and Insecurity

We Live Security

iOS and OS X the most vulnerable operating systems? Don't confuse vulnerabilities with exploits, or patch frequency with insecurity.

52
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Happy World Backup Day!

Spinone

March 31st is the World Backup Day. Don’t forget to back up your critical data today. Tomorrow is April 1st so don’t be an APRIL FOOL. What is backup? A backup is a second copy of all your important files — for example, job contacts, emails, files, documents and even your family photos. Instead of storing it all in one place, you keep another copy of everything somewhere else safe.

Backups 40
article thumbnail

ECJ case on Safe Harbor

Privacy and Cybersecurity Law

The ECJ heard arguments, this week, in the action against the Irish Data Protection Commissioner that Safe Harbor should be […].

article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

Mapping Penetration Testing report and vulnerability management CVEs

NopSec

Penetration tests are point-in-time adversarial tests aimed at testing the intrusion prevention, detection, and incident response capabilities and controls of an organization. Usually well-trained penetration testers produce reports including the attack vectors and exploits used to successfully attack the network / application and the related vulnerabilities / CVEs exploited during the penetration test.

article thumbnail

CryptoFortress mimics TorrentLocker but is a different ransomware

We Live Security

ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.

LifeWorks

More Trending

article thumbnail

Casper Malware: After Babar and Bunny, Another Espionage Cartoon

We Live Security

In this post, we lift the veil on Casper - another piece of software that we believe to have been created by the same organization that is behind Babar and Bunny.

Malware 52
article thumbnail

Cyber Vulnerability in Wind Turbines

Privacy and Cybersecurity Law

It has been reported that a wind turbine which is deployed across the energy sector worldwide has been hacked. Due to […].

Hacking 40
article thumbnail

Online Dating Site Hit with Anti-Spam Law Fine

Privacy and Cybersecurity Law

On the heels of issuing its first Notice of Violation under Canada’s Anti-spam Legislation (CASL) earlier this month, the Canadian […].

article thumbnail

7 tasks that waste your IT team’s time

We Live Security

IT teams' time is always limited, and it doesn't help when other things get in the way. Here's seven things that waste your IT team's time.

40
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

UK Announces investment in digital currencies

Privacy and Cybersecurity Law

UK Chancellor, George Osborne, announced yesterday, a £10 million boost from government for digital currency such as Bitcoin. This was […].

article thumbnail

Will Windows 10 leave enterprises vulnerable to zero-days?

We Live Security

One thing Microsoft has been very public about is Windows 10's new strategy of releasing patches to update the operating system at different times for consumer and enterprise versions.

40
article thumbnail

Hackers phish for data with fake Apple Watch giveaway

We Live Security

Apple fans keen to get their hands on the Apple Watch are advised to think before they click, after hackers exploited a wave of enthusiasm around the launch with a phishing scam linked to a fake giveaway.

article thumbnail

FBI investigating apparent ISIS attacks on Western websites

We Live Security

A number of seemingly unconnected Western websites were hacked over the weekend, with messages claiming Islamic State as the perpetrator.

Hacking 40
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Lysa Myers: "There are still only a handful of women in the security field"

We Live Security

There are many female researchers and computer experts who contribute to the field, helping everyone enjoy safer technology. We spoke to one of the most prominent: Lysa Myers, a member of our research team in the US.

article thumbnail

$1.1 Million Penalty Issued Under Canada’s Anti-Spam Law

Privacy and Cybersecurity Law

The Canadian Radio-television and Telecommunications Commission (CRTC) announced today that it has issued a Notice of Violation to Quebec-based business Compu-Finder […].

article thumbnail

FREAK attack: security vulnerability breaks HTTPS protection

We Live Security

A widespread, long-standing security flaw that allows attackers to decrypt HTTPS-protected traffic between certain device and potentially millions of websites has been uncovered by security researchers, reports Ars Technica.

40
article thumbnail

Blu-ray exploits could allow computer malware infection

We Live Security

A pair of possible exploits in hardware and software used for playing Blu-ray discs have come to light, reports PC World.

Malware 40
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.