Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Mozilla has unveiled a new, cross platform memory inspection library that can be integrated into its Mozilla InvestiGator (MIG) endpoint security system.
Rapid7, a provider of security analytics software and services, announced on Tuesday that has launched a new services group dedicated to incident response.
Despite the focus on exotic zero-day exploits and sophisticated hacking techniques, IT teams are more concerned about more mundane risks to their organizations, such as risky employee behavior and cloud security.
Uber said on Friday a data breach may have allowed malicious hacker(s) to gain access to the driver’s license numbers of roughly 50,000 of its drivers.
UK-based TalkTalk, a telecommunications and broadband company, confirmed that it has suffered a data breach, which names, phone numbers, addressees and account numbers of its customers were exposed to malicious actors.
Attackers are using Windows Management Instrumentation (WMI) and PowerShell to avoid detection and carry out broad commands on compromised systems, according to FireEye-owned Mandiant.
Sqrrl, a Cambridge, Mass.-based big data analytics startup with roots linked back to the NSA, announced that it has secured $7 million in a Series B founding round.
Industry professionals applauded the steps by the White House to promote cyber threat information sharing, but an executive order can only go so far and more is needed than just information sharing to combat sophisticated cyber attacks, experts said.
Register for this webcast to learn how you can align, automate and enforce controls to security and compliance policies - while providing visualization, workflow and reporting critical to improving operational efficiency and reducing audit costs.
An an outage at Facebook on Jan. 26 was not the result of a third party attack, Facebook said, but occurred after the company introduced a change that affected its configuration systems.

FEATURES, INSIGHTS // Incident Management

rss icon

Mark Hatton's picture
In the world of security, there is often a significant difference between perceived reality and what is actually happening, and the public’s perception of security within your organization can be just as important as reality.
Joshua Goldfarb's picture
Tree rings occur when the growing season ends and growth stops. To avoid stagnation, a security organization must never stop growing.
Rafal Los's picture
As a security professional you must know the three categories of threats your organization faces, how to respond to each — and how to expend your resources.
Torsten George's picture
Massive data breaches are raising doubts about whether organizations are investing their security dollars in the right areas.
Danelle Au's picture
A data breach plan lays out the key steps and the key personnel to involve when a data breach happens, and needs to incorporate three elements.
Joshua Goldfarb's picture
At a high level, "big data" and "security analytics" are about the two very different, somewhat diametrically opposed, but equally important concepts of collection and analysis.
Joshua Goldfarb's picture
Asking the right questions is one of the most important and fundamental aspects of a successful security program, and allows security teams to approach challenges analytically and logically.
Jon-Louis Heimerl's picture
Based on high level review of the types of breaches we have seen over the past year, we should be able to see opportunities to make our environments more resilient to attack.
James McFarlin's picture
If North Korea is connected to the Sony attacks, it would be an archetypal example of such a weaker state using cyber operations to level the playing field in potential confrontations with the United States.
Joshua Goldfarb's picture
In resource-limited environments, every alert counts. Spear alerting is an approach that can help organizations improve their signal-to-noise ratio and make their security programs much more efficient and effective.