Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Employees Flout Social Network Security Policies
Many people admit changing settings on business devices to access prohibited sites from the workplace, finds Cisco.
Healthcare Breaches Spin Out Of Control
If the past week is any indication (and I'm afraid it is), health care companies are doing an abysmal job at protecting personal health care data.
Cybercrime Gets Social
Bad guys look to exploit social networks, games, and other fun things users do at work, Cisco research says
RSA Reports Address Rise In Enterprise Adoption Of Consumer Technologies
Survey of IT and security pros shows most organizations giving end users more leeway and influence in social networking, gadgets
The Value Of A Storage Administrator
Storage hardware and software manufacturers are trying to make the process of managing storage easier. There are simplified storage infrastructures, simplified storage management systems and software to monitor the storage environment, but reality is even the smallest of storage environments need someone focused on the task of making sure that everything is operating as planned.
Tokens A Tempting Option For Securing Cardholder Data
Tokenization might be the PCI Holy Grail, but the search for it could be just as circuitous
NIST Releases Virtualization Security Guidelines
The security of a virtualization solution is "heavily dependent" on the security of each of its components, according to the National Institute of Standards and Technology.
Air Force Accelerates, Streamlines Cybersecurity Hiring
Schedule A expedited hiring authority will allow the Air Force to fill almost 700 new cybersecurity positions without posting and publicizing the positions.
Glide Offers HTML5 iPad Web App
With its transcoding technology, Glide lets iPad users view Flash and Windows video.
Microsoft Launches 'Coordinated' Vulnerability Disclosure Program
Microsoft abandons controversial 'responsible disclosure' term, supporting public disclosure of unpatched bug details when attacks hit
DHS Releases Intrusion Detection Software
Suricata, developed by the Department of Homeland Security-funded Open Information Security Foundation, is available under the GPLv2 license.
Dell Shipped Malware Infected Motherboards
W32.Spybot worm discovered in flash memory on some replacement PowerEdge server motherboards.
Apple Safari Browser Surrenders Personal Data
A flaw in the implementation of Safari's AutoFill mechanism can be exploited to grab Mac users' names, street addresses, and e-mail addresses.
Black Hat: Mobile Flaws Get Attention
As security professionals converge in Las Vegas for Black Hat USA 2010, July 24-29, conference founder Jeff Moss says interest in mobile vulnerabilities is growing.
Report: Malware Purveyors Using Social Nets For Command And Control
Banking Trojan is among the first to be controlled through public social network, RSA says
Google Seeks Redefinition Of 'Responsible Disclosure'
Arguing that speedy software fixes enhance user security, Google wants the security community to change vulnerability disclosure practices.
Security Pros Feel Underpaid, But In Some Cases Would Take A Pay Cut
New survey shows value IT security professionals place on job security, training, quality of life
Avoiding Accidental Data Leaks In Small Businesses
SMBs struggle to educate users, protect company data from unintentional breaches
Conquering Large Web Apps With Solid Methodology
This is one of those weeks where I'm trying to wrap up as much as possible before I'm out of the office for Black Hat, BSides, and Defcon. One of those things on my list is a Web application assessment for a client that's a monstrous, open-source beast with subapplications bolted on from all over the place and tons of places for vulnerabilities to hide.
McAfee Releases Mac Security Tools
Internet Security and Family Protection for Apple Mac aimed at making Web browsing safer.
Cybersecurity Expert Shortage Puts U.S. At Risk
Presidential commission proposes overhauling certifications to increase cybersecurity professional quality and quantity.
Storage Protocol Explosion
Today's Storage Manager is faced with more shared storage connectivity choices than ever. Off the top of my head there is SAS, iSCSI, NAS, AoE, FCoE and of course good old Fibre Channel. One would think that at some point there will be a shake out in storage but that doesn't seem to happen and when it does it seems like they are replaced with two or three new ones.
The Cash Drawer Lock Box And SMB Security
Since information security first sprouted into its own industry, the small business market has been the red-headed stepchild of the newfound art.
Slideshow: Cloud Security Pros And Cons
Securing your business in the cloud can offer substantial savings and resources balanced by large and unexpected risks. In this review of cloud security silver linings and storms warnings, we look at some of the brightest and darkest security clouds.
Researcher Pinpoints Widespread Common Flaw Among VxWorks Devices
Diagnostics service feature in VxWorks OS kept activated in some VoIP, DSL, SCADA systems leaves them open to attack
Hackers Unite!
I'm like the proverbial kid in a candy store. This my favorite time of year. Between Black Hat, Defcon, and BSides, you have feds, criminals, security experts, reporters, and everyone in between congregating in the city of sin. What's not to like? Here's a rundown of these events, my picks for talks not to be missed, and an invitation.
Adobe Plans Security Sandbox For Reader
Windows users can look forward to improved malware protection in Adobe's Reader software.
Adobe To 'Sandbox' PDF Files
Upcoming security feature for Adobe Reader puts PDFs in protected mode
Semtek Announces PCI DSS De-scoping Of Major National Retailers
Deploying end-to-end encryption within large merchant's environments is considered the most difficult of all implementation use cases
Consortium Unveils Digital Entertainment Locker
Cloud-based UltraViolet platform allows consumers to buy and watch movies and TV shows on a host of Web-connected devices.
Reports: Turkish Hackers Have Stolen Personal Data Of More Than 100,000 Israelis
Israeli observers fear data thefts could be related to conflict between the two countries
SANS Raises Infocon Alert To Yellow In Light Of New Windows 'Shortcut' Attack Threat
Security experts closely monitoring spread of new zero-day threat
Microsoft Acknowledges Windows Shell Vulnerability
The zero-day vulnerability appears to be designed for industrial espionage.
Dell KACE Offers Free Secure Browser
To protect against web malware, Dell KACE's new free Secure Browser virtualizes a browser and restricts direct and cross-site access to dangerous or inappropriate websites.
Nonprofit Group Launches Open-Source IDS/IPS
Suricata 1.0 will go head-to-head with popular Snort tool
Detection And Defense Of Windows Autorun Locations
As an incident responder and forensic investigator, there's a truth we expect malware to always follow: Persistence is a must to survive. OK, exceptions exist. But the general rule of thumb is that malware seeks to persist, and it will hook itself into common areas on a victim Windows machine to do so.
SIEM Ain't DAM
I've been getting questions about the difference between system information and event management (SIEM) and database activity monitoring (DAM) platforms. It's easy to get confused given their similarities in architecture. There's also a great deal of overlap in events that each collects and the way they handle information. Couple that with aggressive marketing claims, and it seems impossible to differentiate between the two platforms.
Microsoft Warns Of Critical Vulnerability
Microsoft Friday warned its customers that attackers are targeting an unpatched and critical Windows vulnerability.
Mozilla Raises Security Bug Payout
If you are a bug finder, finding security flaws in Mozilla software products, such as the Firefox web browser, just became much more profitable after the foundation raised its bug bounty from $500 to $3,000. But will this move help improve your security?
Single Trojan Accounted For More Than 10 Percent Of Malware Infections In First Half 2010
Top two threats both exploit the Windows Autorun feature, BitDefender study says
Firefox Home Arrives For iPhone
Unable to offer a mobile version of Firefox on the iPhone, Mozilla has managed to get Apple to accept an app that makes Firefox data available.
Enterprise Security Market To Grow Nearly 14 Percent In 2010, Study Says
Outlook for 2011 also looks bullish, according to industry research firm Canalys
Malware Spreading Via USB Drives
The Stuxnet rootkit launches even with AutoRun and AutoPlay disabled and is known to affect Windows 7 Enterprise Edition x86 operating systems.
Does Data Retention Really Protect A Corporation?
As I have gone through the series on developing a keep data for ever strategy, one of the criticisms has been about the risk to the organization. The conventional wisdom is that email stores and PST files are fertile ground for opposing counsel looking for evidence and by keeping that data forever you are exposing yourself to further risk. My opinion is that you are at no greater risk than with a strict r
Researcher Says Home Routers Are Vulnerable
Black Hat presentation will demonstrate hacks that could work on many existing routers
Information Security Forum Delivers Tips For Reducing Security Risk In The Cloud At (ISC)2
Adrian Davis, a senior research consultant for the ISF, will examine the relationship between cloud provision and outsourcing
Certgate Unveils Security Solution For Mobile Devices
certgate Voice Encryptor resists spyware and malware attacks on mobile phones as well as 'man-in-the-middle' attacks
White House Issues Progress Report On Cybersecurity
Obama administration looks to raise awareness in private sector
Web Services, Cybercrime-Solver
NIST researchers propose designing Web services that preserve evidence of attacks and then, using that data, reconstruct series of Web service invocations that took place during the course of the attacks
Sophos: U.S. Leads List Of Spam Originators
In addition, Sophos study found 97% of all e-mail received by business e-mail servers are now spam
|
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Tweet This
0 Comments
