Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Disney Introduces Social Media Site
Let The Memories Begin offers guests a site to share photo, video or text memories and allows Disney to use the content in advertising and marketing.
Gen. Alexander Calls For 'Secure, Protected Zone' On Internet For Nation's Networks
'The question is, how do we do it,' said the director of the new U.S. Cyber Command and the National Security Agency
What Solid State Form Factor Is Best - Integration
Returning to our Solid State Form factor series; this entry we are going to begin the discussion about solid state integration. There are really two parts of the integration discussion; how will you integrate solid state disk into your storage infrastructure and the other is how will your vendor integrate solid state disk into their storage system? We'll tackle the vendor issue first since it may directl
The Top Five Ways Attackers Target Small Businesses -- And What You Can Do About It
SMBs are becoming a favorite target for cybercriminals. Is your organization taking the right steps to stop them?
'Here You Have' A Lesson
It's been interchangeably called spam, or a targeted attack that spun out of control, or a form of cyber-jihad with alleged geopolitical implications. But regardless of what you call it, the "Here You Have" email worm is an excellent example of just how well today's security can work. Here are a few justifications for that optimism.
Stuxnet Heralds New Generation of Targeted Attacks
Power plants no longer considered immune to infection, and targeted attacks become more precise
AMD Lowers Q3 Sales Forecast
Intel and AMD both cut forecasts for the third quarter citing weaker than expected sales of processors for consumers PCs.
Facebook Suffers Slowdowns, Access Problems
The popular social network acknowledges some users may have difficulty accessing the site, but has yet to provide details of the cause.
Google, YouTube Win Copyright Ruling In Spain
Aggrieved media companies keep claiming copyright infringement but courts keep siding with Google.
Report: Government Agencies Lag In DNSSEC Adoption
New report shows DNSSEC adoption slow within the .gov community, with many missing federal mandate deadline
Red Hat Boasts 20% Gain In 2Q Earnings
Strong renewals, new project spending, expansion, and cross-selling credited for rise in revenue over 2009.
Cyber Command Director: U.S. Needs To Secure Critical Infrastructure
General Keith Alexander says the new U.S. Cyber Command will work to protect the nation's key industries and defense networks from devastating cyber attacks.
Different Flavors Of The Insider Threat
There are different categories of insider threats, based on the level of access the employee has. There are four types: pure insider, insider associate, insider affiliate, and outside affiliate. Each of these categories also has different motives. Understanding each is a key to building proper preventive and detective defenses.
WAN Security: Your Next Assignment
Firewalls and IDS aren't enough. WAN security pros must embrace data-centric protection.
For Small Businesses, Social Networking Poses New Security Risks
Many SMBs could be infected before they can develop adequate policies, experts say
After HP Acquisition, ArcSight Lays Groundwork For Future At User Conference
HP exec says "a new approach is needed" for security
Samsung Epic 4G First To Access Media Hub
Sprint has launched a series of "epic mini movies" that showcase the Android handset's entertainment capabilities and the download speeds of the carrier's 4G network.
Most Third-Party Software Fails Security Tests
Veracode report shows eight of 10 applications at risk of failing PCI compliance audit
Most Websites Have Serious Vulnerabilities To Attack, Study Says
Large sites have an average of 13 serious vulnerabilities; smaller sites have slightly fewer
FBI Awards $40 Million To BAE For Cybersecurity
Contract will provide risk assessments and monitor data security for the Federal Bureau of Investigation's IT systems.
The Cookies You Can't Remove
They say that some things last forever, like diamonds or true love or Twinkies. But should browser cookies used for tracking be added to that list?
Oracle Intros Healthcare Security Governor
Tool leverages other Oracle identity management and data mining products to offer retrospective and real-time fraud detection for medical organizations.
Product Watch: eEye Revives Free Zero-Day Vulnerability Tracker Site
Aims to be a 'one-stop shop' for zero-day vulnerabilities, analysis
Web-Based Spam Detection With Google Alerts
Search engines are great, powerful tools. They can help find an answer when you've tried everything you can think of. They can also help find information about a company you may be performing a penetration test on.
Google Could Drive Mobile Two-Factor Authentication Model
New Google Apps offering could overcome previous barriers to multifactor authentication
Apple To Acquire Polar Rose Face Recognition Firm
The facial recognition software made by the Swedish company can be used in the cloud, on a computer or on iPhone and Android smartphones.
Twitter Attack An XSS Wake-Up Call
Attackers targeted once-patched cross-site scripting flaw on Twitter's website that had re-emerged after a site update
Accuvant Acquires Cybersecurity Firm Ciphent
Purchase by security consulting firm aims to grab a share of increased spending by federal agencies.
Twitter Worm Fixed
A cross-site scripting flaw that allowed several worms to spread on Twitter has been repaired.
Hacking, Not Partying, At The Frats: 1 In 5 College Students Have Hacked
One-third say hacking is 'cool,' though nearly half have had their own social networking or email accounts compromised
Twitter Under Attack
There's a cross-site site scripting flaw aggressively spreading across the social networking site Twitter. I know, I was hacked first thing this morning. . .
Virtual Desktops And Storage - Dealing With Boot Storms
Virtual desktop environments are different than virtual server environments when discussing performance. To the virtual desktop environment we need to be able to provide acceptable performance consistent, but moderate, performance throughout the day to a set of endpoints (desktops and laptops) that have similar I/O patterns. This is different than server virtualization which has highly random I/O patterns and needs very high performance at peak moments throughout the day.
Turn Workers Into Security Partners
Rather than just protect employees or protect against them, security managers should rely on users to help defend the business
The What And The Why Of Professional Penetration Testing
Welcome to the first in a series of posts on professional penetration testing. During the course of the next few entries, I will shed light on the often confusing and rarely straightforward world of penetration testing based on my experience during the past decade as both a professional penetration tester and a manager of penetration testing teams.
NIST Research Could Boost Mobile Device Security
An electron spinning technique could pave the way for a new generation of wireless device signals that are difficult for enemies to intercept, according to researchers at the National Institutes of Standards and Technology.
Missing The Insider Threat
"I trust everyone. It is the devil inside that I do not trust" is a great line from the movie "The Italian Job." Every single person has the potential to do harm if the right circumstances occur. Yes, this includes employees.
NC State, IBM Researchers Create 'Stealth' Hypervisor Security Tool
Tool will ultimately be offered as open source
Stuxnet Updates Through P2P Communications
Symantec finds that peer-to-peer networks can propagate the malware, even though its command and control systems are now offline.
Piracy Activists Attack Entertainment Industry Sites
Distributed denial of service strikes hit Motion Picture Association of America, Recording Industry Association of America over the weekend.
Adobe Accelerates Fix For Flash Flaw
Repair for the critical vulnerability, which is being actively exploited, will be released Monday rather than later this month.
Protegrity Gets Aggressive
Last week Protegrity announced it had filed patent infringement suits against NuBridges and Voltage Security Inc., its main competitors. Patent infringements suits are nothing new with technology companies, but this one was a little odd in that the suits were actually filed in May.
Google Bolsters Apps With Two-Step Verification
Protection will be available first to Google Apps Premiere, Government, and Education edition users, at no extra charge
Yahoo CEO Touts Alibaba Investment
Carol Bartz says Yahoo's 39% stake in the China e-commerce leader is great for business, refuses comment on tension between the firms.
A Lesson From Steve Jobs' Email
We've all had one of these moments: You get an email and quickly respond without putting much thought into it. Then you end up wishing you'd taken more time.
Fraudsters Attempt To Steal Interpol Chief's Identity Via Facebook
Interpol Secretary General Noble says bold criminals tried to impersonate him online
Steady Bleed: State of HealthCare Data Breaches
Study reveals that, for many healthcare providers, patient data breaches continue - month after month - at an alarming rate.
Google Apps Adds Two-Step Verification
Enhanced security is now available to Google Apps enterprise customers via their mobile phones.
Security Exploits Increasingly Complex
A study from HP TippingPoint finds that web applications are still an attack magnet, but hackers now appear to be collaborating more closely to spot new flaws.
Protection Efforts Superficial
Database security is a growing concern.
Former Contractors Indicted For Leaking U.S. Nuclear Secrets
Man and wife who worked at Los Alamos National Labs allegedly tried to sell secrets to FBI agent posing as Venezuelan official
|
Incorporating a Prevention Mindset into Threat Detection and ResponseThreat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time.
The report covers areas enterprises should focus on:
What positive response looks like.
Improving security hygiene.
Combining preventive actions with red team efforts.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
0 Comments
