Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Major Companies 'Fail' Social Engineering Test
Report details results of major social-engineering 'capture the flag' contest that targeted 14 companies in retail, airlines, food service, technology, and mobile services
Data Breach Costs: Beware Vendor Contract Fine Print
Organizations often end up paying the consequential costs of data breaches when third-party vendor contracts aren't scrutinized.
3 Steps To Make Your Database More Secure
Database security often takes a backseat to performance and other concerns. Here's how to strike a balance that works.
Social Malice: One In 60 Facebook Posts Are Malicious
LinkedIn users feel safest, according to new social networking data gathered by Barracuda networks--but not for long.
Innovative Attacks Treat Mobile Phones As Sensors
Recent research showed that a phone's accelerometer could detect vibrations from key presses on a nearby keyboard
SSL Servers No Match For Laptop-Based Hack
Tool lets hackers launch a denial-of-service attack from a single PC over a DSL connection.
6 Deadly Enterprise Security Mistakes
These small, subtle security mistakes can have big data breach consequences.
Stolen iPads A Special Problem For Fed Agencies
Mobile devices will inevitably go missing, as a recent theft at the VA shows. So security and device management work continues.
Tool Lets Single Laptop Take Down An SSL Server
Yet another strike against SSL security
UBS Finds Risk Management Stress Test Costly
UBS failed to stop a single rogue trader from racking up $2 billion in losses. Yet, some experts argue that banks overall may be better than others at managing risk.
Nasdaq Server Breach: 3 Expected Findings
While federal investigators remain quiet about the ongoing investigation, experts say that the Directors Desk data breach is even worse than thought.
Hackers Likely Have Japanese Warplane, Nuclear Data
Attackers likely accessed sensitive data relating to military
aircraft, missiles, and nuclear power plant designs and safety
systems, said Japanese defense officials.
Pocket Guide To Securing Mobile Devices
With workers bringing their own smartphones and tablets into the company, IT security needs to focus on creating a more secure environment, not on securing each device
TDL4 Botnet Now Even Harder To Kill
Infamous botnet revamped to make its malware even more difficult for enterprises, security researchers, to detect
XML Encryption Flaw Leaves Web Services Vulnerable
Apache, Red Hat, IBM, Microsoft, and other major XML framework providers will need to adopt new standard, say German researchers who found the flaw.
Top FBI Cyber Cop Recommends New Secure Internet
Shawn Henry says current Internet will never be secure enough to beat hackers or meet the security needs of critical infrastructure providers.
Anonymous Attacks Child Pornography Websites
Hacktivist group disables numerous darknet child pornography sites, publishes 1,500 related usernames, and invites FBI and Interpol to investigate.
Metasploit For The Masses
New version of free Metasploit tool aimed at 'newbie' penetration testers
Does Cybercrime Pay?
Turning a profit in today's underground economy remains tough. Here's why.
The Three Most Frequently Attacked Mobile Devices
Android devices, tablets, and jailbroken devices top list of riskiest mobile products in the enterprise setting.
Facebook: Latest 'Hack' Was Old, Invalid User IDs
Hacking group "Team Swastika" released apparent Facebook usernames and passwords, but the social network says the data isn't tied to live accounts.
NSA Chief Plays Offense on Cloud, Cybersecurity
Cloud has become a key part of the NSA's IT strategy, said Gen. Keith Alexander. Coming soon: A DOD offensive strategy for responses to cyberattacks and threats.
Are Your IT Pros Abusing Admin Passwords?
One in four IT professionals know of a coworker who has used privileged credentials to snoop. Worse, 25% of superuser passwords don't pass basic security test.
Banking Trojans Adapting To Cheat Out-of-Band Security
As financial institutions adopt out-of-band security, attackers quickly adapt
Researchers: 'Precursor' To Son Of Stuxnet Spotted In The Wild
Process-control vendors, certificate authorities among those in the bull's eye for what might be prelude to a new Stuxnet attack, Symantec and McAfee say
Can Anonymous Cripple Critical U.S. Infrastructure?
Homeland Security says Anonymous can cause DDoS attacks, but says chance of attack on scale of Stuxnet is slim.
Slide Show: Signs That Malware Could Be On Your Mobile Device
Even healthy mobile phones can exhibit dodgy behavior, but there are some telltale signs that malicious software could be on board
Finding And Securing Sensitive Data In The Enterprise
Your organization's most valuable data may be stored in scattered – and insecure – locations. Here are some tips for identifying that data and making sure it doesn't leak out
Evolving Security Threats: Is Your SMB Ready?
A mix of common sense, employee education, and security tools can help SMBs identify and prevent social engineering scams and other emerging threats.
Blackhole Crimeware Goes 'Prime Time'
New HP OfficeJet phishing emails peaked at around 36,000 per minute on Wednesday.
New Version Of Zeus Leverages Peer-To-Peer Technology
Update could make it more difficult to take down fraud operations, researcher says.
VeriSign Withdraws Request To Suspend Malicious Domains
Proposed plan to scan domains and suspend those found to be malicious now dead in the water
New Version Of Zeus Leverages Peer-To-Peer Technology
Update could make it more difficult to take down fraud operations, researcher says
More Exploits For Sale Means Better Security
Selling exploits can help companies test their systems, but is there room for an independent market?
Air Force Says Drone Virus Is No Threat
An attack on the network that controls U.S. military unmanned aerial vehicles was only a "nuisance," military arm claims.
Advanced Threats And Scenario-Based Penetration Testing
Why your pen-test efforts probably aren't preparing you for the worst
More Exploits For Sale Means Better Security
Selling exploits can help companies test their systems, but is there room for an independent market?
Your Other Compliance Problem: Third Party Vendors
All your internal compliance initiatives may be for naught if third parties that touch your regulated data expose vulnerabilities.
Social Media Can Hurt You In A Lawsuit
Social media postings could soon join email as a common part of the legal discovery process. Here's what SMBs need to know to protect themselves.
Feds Tighten Cybersecurity Policies To Stop Insider Threats
White House order aims to avoid another Cablegate by creating more agency oversight and security for data stored on classified networks.
Feds: Cloud Computing Doesn't Increase Security Risk
Administration officials tell Congress cloud security problems are no worse than other IT risks.
Steve Jobs And Tech Security
Apple's products continue to highlight what relatively secure operating system environments look like.
Are Users Too Dumb For Security Awareness Training?
Too many security pros blame users for failing to remember the fundamentals that security awareness training teaches, but the real problem is that these programs just aren't very good
Most Businesses Don't Spot Hack Attacks
Congress hears testimony that most businesses are told by government agencies and law enforcement that they've been hacked, and that better security data sharing is needed.
Anonymous Threatens New York Stock Exchange Attack
Calls for distributed denial-of-service attack as part of the Occupy Wall Street protests.
6 SharePoint Security Challenges
Even Microsoft recommends locking down its popular and widely used collaboration, file sharing, and online publishing platform.
Microsoft: No Resurrection For Dead Botnets
The shutdown of Waledac 2.0 by Microsoft and Kaspersky aims to send a message, but also raises questions
Federal Cybersecurity Incidents Rocket 650% In 5 Years
As Obama administration declares October a time to focus on
stopping cybersecurity threats, GAO releases a report indicating weaknesses.
Microsoft Still Mistaking Google Chrome For Zeus Malware
Despite Microsoft's emergency Security Essentials update, some users saw continued trouble Monday with Chrome reinstalls.
Military Health Plan Data Breach Threatens 4.9 Million
Tricare says lost backup tapes fall under FTC jurisdiction, not HIPAA, so only offers 90 days of fraud protection.
|
How Cybersecurity Incident Response Programs Work (and Why Some Don't)This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
The Threat from the Internet—and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Tweet This
15 Comments
