Social Engineering – Corporate Security breach in 20 minutes

This account illustrates how excellent acting skills and technological know-how can be combined into a social engineering attack: http://securitywatch.pcmag.com/security/320913-hacked-in-20-minutes-social-engineering-done-right QUOTE: How long would it take for an attacker to break into a business? Get on the corporate network as an authenticated user? If you think it would take a few days or even a few hours, you […]

RSAC 2014 – Patch Management improves security

Another informative talk at the 2014 RSA Conference: http://securitywatch.pcmag.com/security-software/321014-rsac-can-windows-updates-protect-against-malware QUOTE: Are your PCs all configured for Automatic Update? If not, you’re risking more than just missing out on the latest version of Internet Explorer. At the RSA Conference, Simon Edwards, Technical Director of London-based Dennis Technology Labs, presented the results of a study showing that keeping […]

RSAC – Lax Home security affects corporate security

Best security practices should begin at home, as there is valuable personal data at risk. As the article notes, almost half of all users surveyed don’t use password protection on mobile devices, and valuable data & services are at risk if a device is stolen. Likewise, in a corporate environment, even greater levels of safety are needed: http://securitywatch.pcmag.com/none/321016-rsac-consumers-lax-security-at-home-affects-businesses QUOTE: What […]

Malware – RAM Scraping Point of Sales attacks in-depth

Bromium Labs shares an in-depth analysis: http://labs.bromium.com/2014/01/13/understanding-malware-targeting-point-of-sale-systems/ QUOTE: Back in 2009 several companies (including Visa and Verizon) published threat reports describing a new kind of malware – RAM scrapers (Verizon report, Visa report). These are malicious programs that search memory of point-of-sale (POS) systems for bank card information. After that a number of blog entries appeared, […]

IE10 Exploit – Recommendation to promptly apply patches

Corporate & home users should patch promptly. IE11 also offers improved protection & functionality. It has been a solid browser in both home & corporate environments, as the “compatibility view” option helps work around legacy site issues. http://securitywatch.pcmag.com/none/321016-rsac-consumers-lax-security-at-home-affects-businesses QUOTE: There’s never a dull moment in the security industry, just as we heard about the latest IE 0day; […]

RSAC – Risks related to Shortage of IT Security professionals

Corporate Security must implement a blend of “technology” and “people” solutions to safeguard information resources. While the best technical defenses are always required, users are a vital part of the equation. Otherwise, attackers will eventually learn enough to bypass physical, technical, or user-based controls. As evident in recent attacks, the highly advanced skills and […]

Information Security Professionals – Reading recommendations

PC Magazine shares beneficial resources for IT Security professionals: http://securitywatch.pcmag.com/security/320998-books-every-infosec-professional-should-read QUOTE: And now, the top five titles: 1. Cryptonomicon, by Neal Stephenson 2. Confront and Conceal: Obama’s Secret Wars and the Surprising Use of American Power by David E Sanger 3. Kingpin: How One Hacker Took Over the Billion-Dollar Cyber-Crime Underground by Kevin Poulsen 4. The Cuckoo’s Egg: […]

EMET 4.1 – Researchers share recommendations for improvement

As EMET 5.0 will improve endpoint security protection, Bromium Labs shared, in a responsible disclosure, highly advanced techniques that could work around this protective agent. The research report can be found in this thread: http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/ http://bromiumlabs.files.wordpress.com/2014/02/bypassing-emet-4-1.pdf QUOTE: We found that EMET was very good at stopping pre-existing memory corruption attacks (a type of hacker exploit).  […]


© 2021 Computer Safety & News.