May, 2017


9 best practices to improve security in industrial IoT

Tech Republic Security

Dell EMC's senior product manager for IoT security, Rohan Kotian, hosted a presentation at Dell EMC World explaining how industrial enterprises can protect their IoT deployments.


*bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images

Scary Beasts Security

Overview: *bleed attacks are hot right now. Most notably, there's been Heartbleed and Cloudbleed. In both cases, out-of-bounds reads in server side code resulted in private server memory content being returned to clients. This leaked sensitive secrets from the server process' memory space, such as keys, tokens, cookies, etc. There was also a recent client-side bleed in Microsoft's image libraries, exposed through Internet Explorer.


Disambiguate “Zero-Day” Before Considering Countermeasures

Lenny Zeltser

“Zero-day” is the all-powerful boogieman of the information security industry. Too many of us invoke it when discussing scary threats against which we feel powerless. We need to define and disambiguate this term before attempting to determine whether we’ve accounted for the associated threats when designing security programs. Avoid Zero-Day Confusion.


Top 3 Cybersecurity Problems That are Solved with E3 Engine and Unified VRM

NopSec

We’re proud to build products IT Security Teams actually need and use on a daily basis. We’re a company started by penetration testers, after all. With boots on the ground and decades of experience, we know the challenges that IT Teams face, and what tools they need to get the job done. There are three specific cybersecurity challenges that we address with our recently released E3 Engine technology and award-winning Unified VRM platform: 1.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. […].


Empire 5.8.1 releases: PowerShell & Python post-exploitation agent

Penetration Testing

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility...


*bleed, more powerful: dumping Yahoo! authentication secrets with an out-of-bounds read

Scary Beasts Security

Overview: In my previous post on Yahoobleed #1 (YB1), we saw how an uninitialized memory vulnerability could lead to disclosure of private images belonging to other users. The resulting leaked memory bytes were subject to JPEG compression, which is not a problem for image theft, but is somewhat lacking if we wanted to steal memory content other than images.


Diving into the Issues: Observations from SOURCE and AtlSecCon

Andrew Hay

Last week I had the pleasure of presenting three times, at two conferences, in two different countries: SOURCE in Boston, MA and at the Atlantic Security Conference (AtlSecCon) in Halifax, NS, Canada. The first event of my week was SOURCE Boston. This year marked the tenth anniversary of SOURCE Conference and it continues to pride itself on being one of the only venues that brings business, technology and security professionals together under one roof to focus on real-world, practical security s


Cyberweapons are now in play: From US sabotage of a North Korean missile test to hacked emergency sirens in Dallas

Tech Republic Security

Cyberwarfare has begun. Unlike nuclear weapons, cyberweapons can be proliferated more quickly and the threat from accidentally setting them off is even greater.


United flight attendant accidentally leaked cockpit security codes to public website

Tech Republic Security

United Airlines recently alerted staff that cockpit access codes have been posted online, raising concerns about the chain of ownership for sensitive data.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


IBM, Cisco partner to help customers in fight against cybercrime

Tech Republic Security

Cisco and IBM have announced a partnership that will see integrations across their products and services as they aim to help customers improve their security posture.


94% believe unsecured IoT devices could lead to 'catastrophic' cybersecurity attack

Tech Republic Security

A new research report from the Ponemon Institute on third-party IoT integrations shows a strong concern over IoT security, but not many actions taken to mitigate it.


Why Bitdefender Antivirus is a wise choice for Mac users

Tech Republic Security

Recent well-publicized ransomware attacks plagued some Windows users, though Macs aren't immune from malware. Find out how Bitdefender Antivirus can provide Mac users with peace of mind.


10 ways to protect your Windows computers against ransomware

Tech Republic Security

The risk of malware infection may be inevitable--but that doesn't mean you can't take steps to protect your Windows computers from attack. Here are 10 measures that will help minimize the threat.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


How game theory and Nash equilibrium can help decide cybersecurity responses

Tech Republic Security

Should you respond to a cyber incident? The answer isn't always clear. But researchers have developed a model that should make the decision easier.


FTC looks to shut down fake tech support scams with Operation Tech Trap

Tech Republic Security

The Federal Trade Commission recently announced new efforts to end scams that target consumers through fake security alerts. Here's how to spot them and stay safe.


Why traveling CEOs and coffee shops are your company's greatest security risks

Tech Republic Security

Some 93% of tech decision makers said they are worried about the security challenges posed by an increasingly mobile workforce, according to a new report from iPass.


How the CISO moved from the basement to the boardroom

Tech Republic Security

A growing threat landscape has changed the role of the chief information security officer in the past decade. Here's why this position and its evolution are vital in the modern enterprise.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Report: Mobile ransomware attacks 'soared' in 2017, up 250% in Q1

Tech Republic Security

Kaspersky Lab detected more than 479 million malicious attacks from online sources in Q1 2017 alone, according to a new report. Here's how to stay safe.


Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms

Tech Republic Security

It's a shocking discovery that could shake your concept of security to its core: Those trusted to protect your networks are ignoring their own policies. Is something rotten in the state of cybersec?


Hundreds of popular Android apps have open ports, making them prime targets for hacking

Tech Republic Security

A recent study found 956 potential exploits in Android apps that could allow data extraction, malware installs, and remote device control. Some of the affected apps have tens of millions of installs.


IBM admits it sent malware-infected USB sticks to customers

Tech Republic Security

In a recent support alert issued by IBM, the company noted that some USB drives that shipped with its Storwize systems contained malicious code.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


New Android malware found every 10 seconds, report says

Tech Republic Security

A report from security company G DATA said that 8,400 new Android malware samples are discovered every day, stemming from the fragmentation issues with the OS.


Despite security risks, 75% of CEOs use applications that aren't approved by IT

Tech Republic Security

Despite understanding the risks, a majority of CEOs and business decision makers do not adhere to enterprise security practices, according to a new survey from Code42.


Why SMBs are at high risk for ransomware attacks, and how they can protect themselves

Tech Republic Security

Ransomware cost businesses more than $1B last year, and SMBs are particularly susceptible to attack. Here are some tips and best practices for keeping your company safe.


Zero day exploits: The smart person's guide

Tech Republic Security

This guide covers everything you need to know about zero day security exploits, which are secret vulnerabilities used by hackers to infiltrate PCs, networks, mobile phones, and IoT devices.


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


Microsoft admins: Update your systems now to prevent "crazy bad" zero-day bug exploits

Tech Republic Security

Two members of Google's Project Zero discovered a serious exploit over the weekend. It's so bad it can take over a system just by sending an email--no opening or reading necessary.


mSecure 5 password manager: Why Dropbox, iCloud, Wi-Fi, or shared file cloud syncing aren't available

Tech Republic Security

mSecure assists Apple, Windows, and Android users in securely managing passwords across various devices, though some syncing features are not included in the latest release. Erik Eckel explores why.


Video: How a cyberweapon developed by the NSA infected machines around the world

Tech Republic Security

Protonmail CEO Andy Yen explains how government backdoors and zero day exploits made the British hospital system, SMBs, and enterprise organizations vulnerable to the WannaCry exploit.


How to create stronger passwords by using data-driven feedback

Tech Republic Security

Check out researchers' password meter on GitHub to see how the open source web app determines a password's strength and then uses data-driven feedback to make it stronger.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.