Blog Posts Tagged with "Security"
January 26, 2015 Added by:Mav Turner
Continuous compliance involves constantly reviewing processes and quickly making any necessary updates as a result of deviations from their intended performance. However, despite the fact that continuous compliance is effective at eliminating the gaps between compliance and security, it also greatly increases the complexity of managing compliance.
September 26, 2014 Added by:InfosecIsland News
Opinions vary wildly among experts as to the potential impact of the Shellshock vulnerability. What is known—and agreed upon—at this point, is that Shellshock is a very serious vulnerability because it allows remote code execution and gives the attacker full access to the system.
September 16, 2014 Added by:Nate Kube
There are differences between industrial control systems and enterprise IT networks resulting in different security needs. To protect industrial networks, system operators must opt for an industrial next gen firewall with an IDS that fully understands industrial protocols and the specific context of each industrial command.
April 22, 2014 Added by:InfosecIsland News
Point-of-sale (PoS) attacks are declining, while Web application attacks and cyber-espionage is increasing, according to the latest edition of the annual Verizon Data Breach Investigations Report (DBIR).
February 21, 2014 Added by:Anthony M. Freed
Recently, Dashlane released its quarterly Personal Data Security Roundup (PDF), which examines the “illusion of personal data security in e-commerce,” noting that consumers increasingly share personal and payment information with online retailers, and the only thing standing between that data and criminals is a mere password.
February 06, 2014 Added by:Stephen Marchewitz
According to Ponemon estimates (PDF), the breach will cost Target over $2 Billion dollars. Will Target's CFO get fired? He probably couldn’t spell security before the incident, but had to testify before congress about what they’re going to do…talk about your crash courses.
January 29, 2014 Added by:Michael Sabo
The PCI’s 12 mandatory requirements are designed to protect cardholder data from the threat of fraud or theft. Requirement 11.3 gets to the heart of the pen test, and it was revised in PCI-DSS version 3.0.
January 27, 2014 Added by:Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.
January 23, 2014 Added by:Robert Shaker
We have already seen attacks from the virtual world affecting the physical world, so, wouldn't it be great if an attacker could shut down our refrigerators or the chillers and freezers in the Supermarkets?
December 21, 2013 Added by:InfoSec Institute
Supervisory control and data acquisition (SCADA) networks are considered by cyber strategists to be the backbone of any country. Critical infrastructure, and in particular control systems, require protection from a variety of cyber threats that could compromise their ordinary operation.
December 16, 2013 Added by:Michael Smith
The purpose of this post is to walk through all the steps needed to get iGoat setup “Soup to Nuts”. There is nothing here that is too difficult, but there are a few pitfalls in making this work.
December 03, 2013 Added by:Tripwire Inc
This article is mostly inspired by Jeff Garzik’s post, “‘Solution’ to bitcoin volatility,” in which Jeff, a Bitcoin core developer, discusses the price volatility which many feel is holding back Bitcoin from being a usable currency.
November 05, 2013 Added by:InfosecIsland News
Please join Trend Micro and SecurityWeek on Thursday, Nov. 7th at Blue Fin at the W Hotel in Times Square for an interactive security event with great food and open bar!
November 04, 2013 Added by:Jochem Binst
The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.
Thought Experiment: Mandatory Online Banking... Eden Connie on 01-28-2015
Today's Mobile Device Data Protection Must G... Jonathan Miller on 01-28-2015
New Legislation on Threat Intelligence Shari... ut ut on 01-28-2015