Latest Posts

Af7244bb99debb4a1152fa49a993a05c

Google Says It’s Not Practical to Fix Flaws in Pre-KitKat Android

January 27, 2015 Added by:Eduard Kovacs

Researchers reported earlier this month that Google was no longer patching vulnerabilities affecting the WebView component in Android Jelly Bean (4.3) and prior.

Comments  (1)

Ebb72d4bfba370aecb29bc7519c9dac2

Do You Want “Security Analytics” Or Do You Just Hate Your SIEM?

January 27, 2015 Added by:Anton Chuvakin

Now that I’ve taken a fair number of “security analytics” client inquiries (with wildly different meanings of the phase), I can share one emerging pattern: a lot of this newly-found “analytics love” is really old “SIEM hatred” in disguise.

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

Looking Logically at Legislation

January 27, 2015 Added by:Wendy Nather

There's a lot of fuss around the recent White House proposal to amend the Computer Fraud and Abuse Act, and some level-headed analysis of it. There's also a lot of defensive and emotional reaction to it ("ZOMG we're going to be illegal!").

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

End of Life

January 27, 2015 Added by:PCI Guru

This topic has started to come up again as we go through PA-DSS research on applications and find that the listings contain operating systems that are at or past end of life (EOL).

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

The State of Obama Cybercare

January 26, 2015 Added by:Tripwire Inc

Over the past few years, we have seen cybersecurity move from the realm of IT into the boardroom and now onto the political stage. The reason for this is clear—the resiliency, security and safety of the Internet is critical to our economy and the progress of our society as a whole. It is our future.

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Bringing Metasploit Exploits to Life with PowerShell

January 26, 2015 Added by:Dan Dieterle

You have a remote shell to a Windows box in Metasploit, very cool, but what can you do?

Comments  (0)

Bf90bc151725ec2111a693c0d7eb0858

Stealth Mode: Lying in Wait Inside the White House’s Network

January 26, 2015 Added by:Wallace Sann

Federal agencies need to become more proactive and aggressive in protecting their biggest assets – their data.

Comments  (0)

E6258b956c06d8dbabbde10d4919e5ef

Three Compliance Trends to Watch in 2015

January 26, 2015 Added by:Mav Turner

Continuous compliance involves constantly reviewing processes and quickly making any necessary updates as a result of deviations from their intended performance. However, despite the fact that continuous compliance is effective at eliminating the gaps between compliance and security, it also greatly increases the complexity of managing compliance.

Comments  (0)

37d5f81e2277051bc17116221040d51c

Can Hackers Use FraudFox VM to Defeat Your Fraud Prevention?

January 22, 2015 Added by:Robert Siciliano

So how worried should your business—and customers—be about FraudFox VM ? I sat down with Scott Waddell the Chief Technology Officer of iovation, the fraud prevention experts, to find out what the reality is behind the media headlines.

Comments  (3)

E595c1d49bf4a26f8e14ce59812af80e

Battlefield Mobile: Threats Targeting In-Motion Endpoints Climbed in 2014

January 22, 2015 Added by:Patrick Oliver Graf

Brute force attacks, phishing schemes, SQL injections – they’re all proven attack methods that network administrators prepare for and defend against. But what about the next frontier? What attack vectors and endpoints do hackers now think are most vulnerable?

Comments  (0)