Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Researchers have found that the components of the FDT/DTM specification, designed to ease the management of industrial control systems (ICS) contains serious vulnerabilities.
Trustwave researcher Ben Hayak presented an attack method, which he calls Same Origin Method Execution (SOME), at the Back Hat Europe security conference in Amsterdam, the Netherlands.
A vulnerability in SSL 3.0 lets attackers extract session cookies and other secrets from encrypted online communications, but experts believe the seriousness is tempered by the overall difficulty in exploiting the vulnerability.
Hundreds of professionals from around the world will come together on October 20-23 for the 14th edition of the ICS Cyber Security Conference, the longest-running cyber security conference dedicated to the industrial control system sector.
A security researcher has uncovered a new attack vector called "Reflected File Download" where a malicious file can be downloaded without actually being uploaded anywhere.
Attackers exploited a zero-day vulnerability in Windows to spy on NATO, the European Union, the Ukraine, and private energy and telecommunications companies, according to cyber-intelligence firm iSight Partners.
Internet Corporation for Assigned Names and Numbers (ICANN) is on course to break free of US oversight late next year.
Several sophisticated threat groups have breached the systems of a major critical manufacturing company, the Department of Homeland Security (DHS) revealed in a report.
WordPress is the most attacked content management system (CMS), according to a report from Imperva. Analysis showed that WordPress websites were attacked 24.1% more than sites running on all other CMS platforms combined.
Wurldtech Security Technologies has launched a new network security solution built specifically to protect industrial and SCADA operations.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Scott Simkin's picture
The network edge is the ideal location for quickly preventing the vast majority of attacks, but looking forward, you should consider how pervasive deployments can stop the new breed of advanced attack.
Marc Solomon's picture
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Rebecca Lawson's picture
There is a widening gap between detection of a threat and enforcement that causes the threat to stop at the firewall, rather than play out its malicious intent.
Mark Hatton's picture
Software and hardware alone are not enough to manage a massive enterprise security program. You need security professionals and experienced leaders who can keep the team (and the tools) operating effectively.
Eddie Garcia's picture
Many features are available for Apache Hadoop that can help enterprises pass internal and external security requirements and audits.
Travis Greene's picture
Though there are unique risks associated with identity and access from mobile devices, there are also opportunities that mobile devices bring to address identity concerns.
Wade Williamson's picture
As we build more accessible, scalable, and efficient computing models, we likewise open ourselves up to attacks that are likewise more accessible, scalable and efficient.
Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
Pat Calhoun's picture
Being connected is critical and all the elements of an organization’s security platform should work in concert together to provide adaptive security for the entire environment.