Latest Blog Posts
Five Things Your InfoSec Team Should Do in the Next 30 Days
May 23, 2013 Added by:Steven Fox, CISSP, QSA
An interesting blog post outlined five actions that Apple CEO Tim Cook should take following his appearance before Congress. The article outlines five actionable steps to achieving something to which Tim Cook, and many information security teams, aspire – connection with their customers.
Comments (0)
The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
May 23, 2013 Added by:Andy Willingham
Here we go again. Another security researcher who apparently thinks that he knows best because his feelings were hurt by Microsoft.
Comments (0)
The Danger of Mixing Cyber Espionage with Cyber Warfare
May 22, 2013 Added by:Jarno Limnéll
Cyber espionage does not equate with cyber warfare. Espionage may be carried out by multiple actors for manifold reasons. It does not automatically relate to warfare and plays only a minor part in the vast realm of war.
Comments (0)
Improving Security by Failing Faster
May 21, 2013 Added by:Robb Reck
Being excellent at anything in life, whether it’s sports, business or security, is not about getting it right all the time. It’s about discovering your failures fast and responding to them nimbly.
Comments (0)
BYOD: Should It Be the Wave of the Future?
May 21, 2013 Added by:Allan Pratt, MBA
Due to the widespread popularity of iPhones, iPads, and other smartphones and tablets, the phrase “Bring Your Own Device” to work has become a curse to IT Departments everywhere.
Comments (0)
Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
May 20, 2013 Added by:Steve Ragan
Trend Micro, in the first release of their report, called this campaign SafeNet. Shortly after the research was released, the whitepaper was taken offline, and the campaign was renamed to Safe, which it most certainly isn’t.
Comments (0)
Managing My Company’s Security is a Nightmare
May 17, 2013 Added by:Luis Corrons
IT Departments are very often one step behind users, and unfortunately in most cases there is no real control over all devices on the corporate network. Despite perimeter solutions still being a necessity, the corporate perimeter must now expand to include new devices (mainly smartphones and tablets) that also handle confidential corporate information.
Comments (0)
Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
Comments (0)
The Evolution of Industrial Control System Information Sharing
May 16, 2013 Added by:Anthony M. Freed
The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.
Comments (0)
ATM Security (And Really Learning from the Past)
May 14, 2013 Added by:Andy Willingham
There are lots of other things that go into ATM security that can have a big impact on ensuring that it is as secure as possible.
Comments (1)
Complimentary IT Security Resources [May 13, 2013]
May 13, 2013 Added by:InfosecIsland News
As an Infosec Island reader, we are pleased to offer you the following complimentary IT security resources for the week of May 13, 2013.
Comments (0)
Steps Toward Weaponizing the Android Platform
May 13, 2013 Added by:Kyle Young
In this article I will be covering ways that one can turn their Android based device into a powerful pocket sized penetration testing tool.
Comments (1)
Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
May 10, 2013 Added by:Steve Ragan
Before malware could become a threat to medical devices, Adam Ely said attackers would have to write malware specifically targeted to these devices and organizations; or the devices would have to adopt a standard platforms and software.
Comments (1)
The Emperor Is Naked!
May 09, 2013 Added by:Krypt3ia
Last week a report came out on Wired about how the ACE (Army Corps of Engineers) database was hacked by China and "sensitive" dam data was taken.. By China, let that sink in for a bit as there was no real attribution data in the story
Comments (1)
Infographic: Keeping Web Applications Safe
May 09, 2013 Added by:Mike Lennon
Continuing the security industry trend of publishing infographics, the folks at Enterprise Strategy Group published an infographic that illustrates some of the challenges associated with web application security.
Comments (0)
Do You Have a Vendor Security Check List? You Should!
May 09, 2013 Added by:Michael Fornal
A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.