Sat. Nov 26, 2016 - Fri. Dec 02, 2016

The state of malware: 4 big takeaways from AV-TEST's 2016 report

Tech Republic Security

The new report details increased risks to Android and Apple products and the top 10 Windows malware programs of 2016. Here's what your business needs to know to stay safe.

Malware 157

Incentives, Insurance and Root Cause

Adam Shostack

Over the decade or so since The New School book came out, there’s been a sea change in how we talk about breaches, and how we talk about those who got breached. We agree that understanding what’s going wrong should be a bigger part of how we learn. I’m pleased to have played some part in that movement. As I consider where we are today, a question that we can’t answer sufficiently is “what’s in it for me?

Insurance 100

Kali Linux in the AWS cloud, again

Kali Linux

We’re happy to announce that we’ve once again listed our Kali Linux images on the Amazon AWS marketplace. You can now spin up an updated Kali machine easily through your EC2 panel. Our current image is a “full” image, which contains all the standard tools available in a full Kali release. Once your instance is running, connect to it with your SSH private key using the “ec2-user” account.

Nikto v2.5 releases – WebAPP Penetration Testing Tool

Penetration Testing

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and...

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

What new cybersecurity trends will dominate 2017?

Tech Republic Security

In 2016 ransomware, phishing, and IoT attacks pummeled business and consumers alike. What cybersecurity trends will emerge in 2017? Take our survey to share your opinion about emerging hacker trends.

Threat Modeling the PASTA Way

Adam Shostack

There’s a really interesting podcast with Robert Hurlbut, Chris Romeo and Tony UcedaVelez on the PASTA approach to threat modeling. The whole podcast is interesting, especially hearing Chris and Tony discuss how an organization went from STRIDE to CAPEC and back again. There’s a section where they discuss the idea of “think like an attacker,” and Chris brings up some of what I’ve written (“‘Think Like an Attacker’ is an opt-in mistake.”) I th

Risk 100

More Trending

How to use PowerShell to investigate Windows Defender's malware signature definitions database

Tech Republic Security

What malware does Windows Defender recognize? Learn how to use PowerShell's Defender cmdlets to peek inside the malware signature definitions database.

Malware 155

Eye scanners and fingerprints in cars will double by 2021, report says

Tech Republic Security

The market for biometric vehicle access systems is expected to reach $855 million by 2021. Here's what the rise of biometrics could mean for your car and your enterprise.

Marketing 143

Five essential cybersecurity audiobooks

Tech Republic Security

A curated list of cybersecurity audiobooks to help you better understand the history of computing, who hacks and why, and the future of cyber-defense.

Why firewalls are not recommended for securing SCADA systems

Tech Republic Security

SCADA systems need to be secure, yet according to one expert, firewalls are not up to the task, and should be replaced with Unidirectional Security Gateways. Learn what to look for in a USG.

Firewall 139

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

How to add more entropy to improve cryptographic randomness on Linux

Tech Republic Security

If you have Linux servers that depend upon encryption, you owe it to yourself to beef up the system entropy. Here's how to do so with haveged.

Android Security Bulletin November 2016: What you need to know

Tech Republic Security

The Android Mediaserver is back in the critical column for vulnerabilities. Get the highlights of the November 2016 bulletin.

Privacy advocates rejoice: A new way to anonymize data might actually work

Tech Republic Security

Researchers at Radboud University have developed an anonymization process using polymorphic encryption and pseudonymisation. Applications may include securing healthcare and IoT data.

How Harvard University secures its cloud network with Amazon

Tech Republic Security

Recently, at the AWS re:Invent conference, Harvard's manager of cloud architecture detailed the main investments that the university made in order to secure its cloud.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Gavle Lessons: 56% Is Not Sufficiently More Secure!

Adam Shostack

In September, we shared the news that for its 50th year, the people of Gävle paid an extra $100,000 to secure the goat. Sadly, it seems to have not helped. Today, the goat tweeted: Oh no, such a short amount of time with you my friends. The obvious lesson is that the Swedes have a ransomware problem, and the goat should stop clicking on links in email.

iCalendar users: Noticing spam invitations? Here's what's happening and how to fix it

Tech Republic Security

The problem is unique to iCalendar users and it stems from Apple's desire to make things easier for us. Luckily there is a way to get rid of those random, often unintelligible, invites.

Cybersecurity in President Trump's America: The first 100 days

Tech Republic Security

It could take months to know what the Trump administration's cybersecurity policy will be. Cyber-defense experts weigh in with advice and best practices for securing your company today.

Infographic: Small business is vulnerable to cyberattack

Tech Republic Security

According to a survey by data firm Carbonite, 74% of small business owners fear Washington politicians are not doing enough to protect companies against cyberattack.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Electoral Chaos

Adam Shostack

[Dec 15: Note that there are 4 updates to the post with additional links after writing.] The Green Party is driving a set of recounts that might change the outcome in one or more swing states. Simultaneously, there is a growing movement to ask the Electoral College to choose a candidate other than Donald Trump to be the next President of the United States.