August, 2017

Women in cybersecurity: IBM wants to send you to a hacker conference for free

Tech Republic Security

A new IBM scholarship will cover 100% of the entry fees for any woman interested in attending EC-Council's Hacker Halted conference. Here's how to take advantage of the offer.

Understanding the Mirai Botnet

Elie

The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. In this paper, we provide a seven-month retrospective analysis of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims.

DDOS 86

Data processors under the GDPR

Privacy and Cybersecurity Law

In our monthly GDPR Updates we discuss various key issues of the General Data Protection Regulation, (EU) 2016/679 (the GDPR), […].

52

Confessions of an InfoSec Burnout

The Falcon's View

Soul-crushing failure. If asked, that is how I would describe the last 10 years of my career, since leaving AOL. I made one mistake, one bad decision, and it's completely and thoroughly derailed my entire career. Worse, it's unclear if there's any path to recovery as failure piles on failure piles on failure. The Ground I've Trod. To understand my current state of career decrepitude, as well as how I've seemingly become an industry pariah.

InfoSec 45

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

NYDFS Cybersecurity Regulations: Key Deadlines

NopSec

The first traditional deadline is coming to a close this month for compliance with the NYDFS Cybersecurity Regulations. Please note that situations vary from one organization to another and I urge you to consult an NY DFS expert to help you get the right information for your team and determine which requirements apply exactly to you. For example, the initial 30 day period for filing Notices of Exemption under 23 NYCRR 500.19(e) ends on August 28, 2017.

Detect and Prevent Data Exfiltration Webinar with Infoblox

Andrew Hay

Please join SANS Institute Instructor and LEO Cyber Security Co-Founder & CTO Andrew Hay and Infoblox Security Product Marketing’s Sam Kumarsamy on Thursday, August 17th, 2017 at 1:00 PM EDT (17:00:00 UTC) as they present a SANS Institute webinar entitled Detect & Prevent Data Exfiltration: A Unique Approach. Overview. Data is the new currency in the modern digital enterprise and protecting data is a strategic imperative for every organization.

DNS 40

More Trending

The first collision for full SHA-1

Elie

SHA-1 is a widely used 1995 NIST cryptographic hash function standard that was officially deprecated by NIST in 2011 due to fundamental security weaknesses demonstrated in various analyses and theoretical attacks. Despite its deprecation, SHA-1 remains widely used in 2017 for document and TLS certificate signatures, and also in many software such as the GIT versioning system for integrity and backup purposes.

Backups 48

Data processors under the GDPR

Privacy and Cybersecurity Law

In our monthly GDPR Updates we discuss various key issues of the General Data Protection Regulation, (EU) 2016/679 (the GDPR), which applies from 25 May 2018. With the introduction of the GDPR, the existing Directive 95/46/EC and its implementation in the local laws of the various EU Member States will be repealed. The GDPR will bring significant and substantial changes with respect to the processing of personal data.

Risk 40

On Titles, Jobs, and Job Descriptions (Not All Roles Are Architects)

The Falcon's View

Folks: Please stop calling every soup-to-nuts, everything-but-the-kitchen-sink security job a "security architect" role. It's harmful to the industry and it's doing you no favors trying to find the right resources. In fact, please stop posting these "one role does everything security under the sun" positions altogether. It's hurting your recruitment efforts, and it makes it incredibly difficult to find positions that are a good fit.

DevOps Risk Management: Vulnerability Risk Management as DevOps Practice

NopSec

Silos exist in all levels and all types of organizations. Different teams naturally have different priorities, methodologies, and more, though it can be argued that more collaboration can improve the efficiency and effectiveness of the company as a whole. This can be seen especially within IT Teams as well, particularly the development and operations teams.

Risk 40

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

The Weekly Independent: August 28, 2017

eSecurity Planet

News and notes for independent professionals and their clients. This is the August 28, 2017 edition.

40

Musk, tech leaders urge UN to ban AI-powered lethal autonomous weapons

Tech Republic Security

A group of 116 tech executives recently penned an open letter urging the UN to double its efforts protecting against autonomous weapons, which some have called 'killer robots.'

144

How to trace ransomware payments end-to-end - an overview

Elie

In-depth research publications, industry talks and blog posts about Google security, research at Google and cybersecurity in general in open-access.

China sends 'unbreakable code' from quantum satellite to Earth

Tech Republic Security

A new satellite has been able to transmit 'unbreakable' code in an effort to build 'hack-proof' communications, according to Chinese state media.

Media 158

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Hacker claims to have decrypted Apple's Secure Enclave, destroying key piece of iOS mobile security

Tech Republic Security

iOS users beware: A hacker has just published a decryption key for the Apple Secure Enclave, which is responsible for processing Touch ID transactions.

Mobile 154

How to use Secure Copy for file transfer

Tech Republic Security

FTP was the popular protocol for file transfer but short of using FTPS, it doesn't provide the security required these days. Here's how to use Secure Copy (SCP) for file transfer.

132

Report: The US government has a massive footprint on the darknet

Tech Republic Security

Like commercial entities, government agencies have a tendency to find their secrets leaked to the dark web. Unfortunately, US government secrets are leaked at a much higher rate.

How to build security into your company's IoT plan

Tech Republic Security

As the IoT market booms, it's essential your company develops long-term cybersecurity solutions. These tips will help you prepare.

IoT 154

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

What do macOS and Android have in common? Both are booming malware markets

Tech Republic Security

A new report from Malwarebytes reveals Android ransomware rose 137.8% from Q1 to Q2 2017, and macOS malware is at its highest levels ever. Here are the threats the two platforms face.

Malware 129

10 bad habits cybersecurity professionals must break

Tech Republic Security

Cybersecurity workers face many challenges on the job. Here are 10 bad habits they must avoid in order to be most effective.

How to prevent phishing attacks in Microsoft Outlook and Office 365: 3 methods

Tech Republic Security

Phishing attacks are a major source of worry for businesses. Here are a few tips on keeping malicious messages out of your users' inboxes and minimizing the risk when they make it there.

Phishing 125

Stop treating users as the enemy when it comes to cybersecurity

Tech Republic Security

Users get a bad rap for cybersecurity. Find out why making them part of your organization's cybersecurity solution is critical to staying secure.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

iOS users beware: You're the biggest target for mobile phishing attacks

Tech Republic Security

Phishing continues to be a problem, and attacks are moving away from the email inbox. A new report found that iOS is the biggest target, with most attacks coming from game apps.

Phishing 123

AI vs AI: New algorithm automatically bypasses your best cybersecurity defenses

Tech Republic Security

Researchers have created an AI that tweaks malware code, and it easily bypassed an anti-malware AI undetected. Is machine learning ready to face down cybersecurity threats?

3 things you need to know about cybersecurity in an IoT and mobile world

Tech Republic Security

Cybersecurity complexities continue to rise as we transition into a world dominated by mobile devices and the Internet of the Things. At a high level, make sure you understand these three factors.

Mobile 113

Report: Destructive malware and targeted cyberattacks on the rise in 2017

Tech Republic Security

Security firm Kaspersky Lab's threat report for Q2 2017 noted that malware disguised as ransomware will likely be a big problem this year, along with attacks targeting energy companies.

Malware 113

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Top 5: Things to know about password managers

Tech Republic Security

You've probably heard that password managers are the way to keep track of those long, complex passwords you should be using. Here's a quick explanation of how they work, and how to use them.

Warning, Windows 10 users! Tech support scammers have a new method for phishing attacks

Tech Republic Security

Microsoft's Malware Protection Center has spotted new phishing techniques that direct Windows 10 users to fraudulent tech-support sites. Here's how you could be affected.

Phishing 113

Researchers can now hack a PC with malware stored on synthetic DNA

Tech Republic Security

University of Washington researchers successfully stored malware in synthetic DNA strands, and used it to gain control of the computer analyzing it.

Malware 123

Hundreds of IoT smart locks bricked by bad update, leaving customers stranded

Tech Republic Security

A botched wireless update for certain LockState locks has left them unable to be locked or unlocked without the physical backup key, highlighting the dangers associated with IoT.

IoT 111

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.