Sat.Dec 10, 2016 - Fri.Dec 16, 2016

4 ways your company can avoid Yahoo-level stupidity in enterprise security

Tech Republic Security

Yahoo recently confirmed a leak of one billion accounts, adding to its growing list of security woes. Here are four actions your company can take to prevent a similar debacle.

Yahoo! Yippee? What to Do?

Adam Shostack

[Dec 20 update: The first draft of this post ended up with both consumer and enterprise advice, which made it complex. The enterprise half is now on the IANS blog: Never Waste a Good Crisis: Yahoo Edition.] Yesterday, Yahoo disclosed that attackers broke into Yahoo in 2013 and stole details on a billion accounts. Brian Krebs summarizes what was taken, and also has a more general FAQ.

Your Money or Your File(s)!

NopSec

Growing up as a kid in the 80’s, ransom used to be a simple thing. A bad person with a foreign accent would kidnap the loved one(s) of a square-jawed, wealthy protagonist and demand a large sum of money for their safe return. But kidnapping someone’s significant other, their child, or even their beloved pet chihuahua is risky business. The criminals have to first identify a wealthy individual, then get physically close to kidnap the target without being seen or caught in the process.

Redux: compromising Linux using... SNES Ricoh 5A22 processor opcodes?!

Scary Beasts Security

Overview TL;DR: full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out of Super Nintendo Entertainment System emulation via cascading side effects from a subtle and interesting emulation error. Very full details follow. [ UPDATE 13 Dec 2016 -- a couple of competent readers inform me that I've named the wrong processor!

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Experts predict 2017's biggest cybersecurity threats

Tech Republic Security

From internal threats to creative ransomware to the industrial Internet of Things, security experts illuminate business cybersecurity threats likely to materialize in the next year.

Seeing the Big Picture

Adam Shostack

This quote from Bob Iger, head of Disney, is quite interesting for his perspective as a leader of a big company: There is a human side to it that I try to apply and consider. [But] the harder thing is to balance with the reality that not everything is perfect. In the normal course of running a company this big, you’re going to see, every day, things that are not as great as you would have hoped or wanted them to be.

Two features that make Wire Private Message a must have for business users

Tech Republic Security

If you're looking for a way to enable your staff to more reliably and securely communicate with one another, here are two reasons why Wire should be your tool of choice.

Nextcloud 11 cloud server: An impressive, security-focused update

Tech Republic Security

Nextcloud has finally released the latest iteration of its cloud server platform, and it's packed with security features. Get tips on upgrading to Nextcloud 11.

Using XaaS for your business? Then you need one of these multifactor authentication apps

Tech Republic Security

The password simply isn't secure anymore. Spyware, brute force attacks, dictionary attacks, and phishing can make circumventing passwords easy. Here are five tools to add an extra layer of security.

Video: The top 5 things to know about the blockchain

Tech Republic Security

The blockchain is best known as the system that validates Bitcoin transactions, but it has other potential uses. Here's what's essential to know about it.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

How the DoD uses bug bounties to help secure the department's websites

Tech Republic Security

Secretary of Defense Ash Carter instigated the Hack the Pentagon bug bounty. The success of that program led the DoD to launch the Hack the Army initiative and a Vulnerability Disclosure Policy.

Poll: Is the Yahoo hack the final straw?

Tech Republic Security

The latest Yahoo hack exposed over 1 billion users' accounts. Share your opinion: Can Yahoo recover, or will the data breach nuke Verizon's $4.8 billion acquisition of the internet portal?

Windows 10: Microsoft's Edge browser the latest to disable Flash by default

Tech Republic Security

Next year will see Microsoft reduce Flash to being click-to-play in Edge, as part of a bid to improve the browser's security, stability and battery drain.

How to protect Microsoft's Diagnostics and Recovery Toolset (DaRT) from unauthorized access

Tech Republic Security

DaRT is a robust toolkit that provides advanced troubleshooting utilities--but not all users should be granted access to all that power. See how to make sure only authorized users obtain access.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

How to encrypt and decrypt a folder on Android with SSE Universal Encryption

Tech Republic Security

Learn the process of encrypting and decrypting folders on your Android device with the help of SSE Universal Encryption.

Police dogs: Now sniffing out electronic storage devices

Tech Republic Security

Criminals adapt, and so do the police—including their K9 dogs. The newest generation is being trained to sniff out electronic storage devices that police officers may miss.