March 04, 2015 Added by:InfosecIsland News
Suits and Spooks London 2015 will be our first 2-day international event, and is jointly produced with techUK, an association of over 850 companies that's funded by the British government.
March 04, 2015 Added by:Eduard Kovacs
The notorious Angler exploit kit has started leveraging a new technique to ensure that its malicious activities are not interrupted when the domains it uses are blacklisted, researchers at Cisco revealed on Tuesday.
March 04, 2015 Added by:Tripwire Inc
Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true.
March 04, 2015 Added by:Brent Huston
This article about research showing how malware could be hidden in Blu-Ray disks should serve as a reminder to us all that a lot of those “smart” and “Internet-enabled” devices we are buying can also be a risk to our information.
March 04, 2015 Added by:Pierluigi Paganini
A GAO report to FAA reveals that the systems adopted in the Aviation industry are still affected by weaknesses that could be exploited by hackers.
March 03, 2015 Added by:Brian Prince
According to Sophos, the malware is now hiding the malicious payload in Windows registry instead of writing the file on disk.
March 03, 2015 Added by:Robert Vamosi
To better combat the increasing use of the Dark Web for illegal purposes, DARPA, the U.S. military’s Defense Advanced Research Projects Agency, is building a search engine known as Memex for law enforcement use.
March 03, 2015 Added by:Anton Chuvakin
My research into security analytics and Gartner recent forays into so-called “smart machines” research converge in this post. Hilarity ensues!
March 03, 2015 Added by:Tripwire Inc
Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.
March 02, 2015 Added by:Barracuda Networks
The PCI DSS 3.0 is here. Since Jan 1, 2015 organizations under its purview are required to comply with the updated standard. Many of the changes stem from the recent high profile breaches, despite being compliant.