Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

FireEye Operating System (FEOS) updates that address a series of security vulnerabilities have been released for several products.
Rogue digital certificates issued in India for several Google domains were identified and blocked last week, Google representatives said.
A group operating under the name Tunisian Hackers Team are targeting the websites of government agencies and large organizations with distributed denial of service (DDoS) attacks, according to a threat advisory.
The DHS has mistakenly released a trove of documents containing sensitive information and vulnerable critical infrastructure points across the United States in response to a recent Freedom of Information Act (FOIA) request about a cyber-security attack.
Microsoft has released new guidance to help customers defend against credential theft stemming from Pass-the-Hash (PtH) attacks.
Please join Palo Alto Networks and SecurityWeek on Wednesday, July 9th at 1:00 PM ET for an informative webcast on how your organization can better detect and prevent advanced cyber attacks.
A remote attacker could log into NETGEAR GS108PE ProSAFE Plus Switches and execute arbitrary code because of hardcoded credentials installed within the firmware used on the devices.
The 2014 ICS Cybersecurity Conference will be held October 20 – 23, 2014 at the Georgia Tech Hotel and Conference Center in Atlanta, Georgia, USA.
Introducing the bill to parliament this week, MP Vadim Dengin said "most Russians don't want their data to leave Russia for the United States, where it can be hacked and given to criminals."
The future of an open Internet faces threats from government crackdowns, and "balkanization" resulting from growing concerns over broad electronic surveillance, a survey of experts showed.

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Jason Polancich's picture
Studying a problem from every angle and every level always leads to more practical solutions and quicker (re)action.
Aviv Raff's picture
While the phrase “cyber kill chain” is embedded in the cyber security vocabulary, many enterprises are still not proactive about keeping their assets, data, and reputations safe from bad actors.
Danelle Au's picture
As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...
Joshua Goldfarb's picture
Conceptually, integrating actionable intelligence is a logical endeavor, though it does contain details requiring specialized skills and technical knowledge. If you can better collect, vet, retain, and leverage intelligence, it will serve you well in the long run!
Scott Simkin's picture
While SSL decryption is necessary for maintaining network security, security admins need to establish strict rules about how they handle decrypted data.
Jon-Louis Heimerl's picture
Do people really understand what the U.S. Intelligence Community (IC) does and what classified information is? As someone who worked in the IC for about 10 years, here is an inside look.
Marc Solomon's picture
Organizations need to look at their security model holistically and gain continuous protection and visibility along the entire journey – from point of entry, through propagation, and post-infection remediation.
Chris Hinkley's picture
Why aren’t more organizations implementing two-factor authentication? In a word: inconvenience. Businesses are afraid of annoying their buyers by demanding multiple passwords or asking them to take an extra action that might spur them into abandoning the sale.
Tal Be'ery's picture
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
Torsten George's picture
In order to find the needle in the haystack, it is imperative to have all necessary data available to diagnose the patterns that point to an advanced persistent threat or sophisticated cyber-attack.