Kategorie

LinuxSecurity.com: Cyberattacks are now a daily occurrence and hardly a week goes by when we don't hear of a major data breach -- but despite rising numbers of hacking events, prosecutions rates are falling in the United Kingdom.

From the 10-year jail sentence for not unlocking your phone and the teen who hacked Apple to Facebook's news feed hoax, and more!

** Na internetu jsou tisíce nezabezpečených chytrých domácností ** Podívali jsme se na jednu z britského Brightonu ** Útočník sestaví kompletní socioekonomický profil rodiny

LinuxSecurity.com: Drawing from a recent study by SophosLabs, Principal Research Scientist Chester Wisniewski highlights a shift to the rise of more targeted and sophisticated ransomware threats, such as SamSam.

LinuxSecurity.com: An Australian teenager hacked into Apple's enterprise computer network, making off with 90 gigabytes of data before being discovered. He also accessed an undisclosed number of customer accounts during his year-long intrusion.

** Nvidia se na Siggraphu pochlubila novým grafickým čipem ** CZ.NIC varoval před útoky na domácí routery ** Bitcoin slavil 10 let

LinuxSecurity.com: ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e. 50 to 499 employees) in North America. As you can imagine, these firms tend to have a small staff responsible for cybersecurity and IT, reporting to business management rather than CIOs or CISOs. (Note: I am an employee of ESG.)

LinuxSecurity.com: Fileless malware attacks can be seen as the perfect crime of opportunity. The initial vector of an attack appears as a seemingly innocuous business email with a link to a bill or other update.

Odborníci z bezpečnostní firmy Check Point předvedli v průběhu hackerské konference DEF CON, jak lze zneužit nedostatky v komunikačních protokolech používaných v desítkách milionů faxů po celém světě. Podrobnosti přináší The Register. Nalezená chyba se týká především tiskáren s funkcí faxu v ...

Enterprises rely heavily on third-party vendors for faster time to market, improved profitability and reduced costs. However, third-party partnerships come with varying risks, including financial, information security, reputational and regulatory risks. If a business outsources important functions to third parties or uses them in its data handling or network chain, the risks are compounded by […]

The post Top 4 Best Practices for Protecting Your Business from Third-Party Risks appeared first on InfoSec Resources.

Top 4 Best Practices for Protecting Your Business from Third-Party Risks was first posted on August 17, 2018 at 5:26 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

  Victims of cyberattacks are in the news nearly every day. These organizations are big and small and represent healthcare, finance and utilities to local government and entertainment. In their 2016 Cyber Security Intelligence Index, IBM actually found that 60% of all attacks were carried out by insiders, which are employees or others with internal […]

The post 5 Reasons to Prioritize Security Awareness Training in 2018 appeared first on InfoSec Resources.

5 Reasons to Prioritize Security Awareness Training in 2018 was first posted on August 17, 2018 at 5:18 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Demand for information security professionals has grown in the last few years, as more companies are upping the ante on protecting the security of their digital assets. The infosec workforce gap is expected to reach 1.8 million by 2022 — a 20 percent increase since 2015 — according to Frost & Sullivan’s annual Global Information […]

The post 7 Most Difficult Information Security Certifications appeared first on InfoSec Resources.

7 Most Difficult Information Security Certifications was first posted on August 17, 2018 at 3:37 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The VERIS methodology was created by Verizon back in 2010. This was an effort to create an environment for the classification of specific information. The VERIS model is applied through the process of collecting different data points that separate various sections of security incidents, which are as follows: The incident threat landscape; The Impact landscape; […]

The post VERIS INCIDENT FRAMEWORK appeared first on InfoSec Resources.

VERIS INCIDENT FRAMEWORK was first posted on August 17, 2018 at 3:21 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

What is DoDD 8570? The DoD Directive 8570.01 is the framework to train and certify a qualified Information Assurance (IA) workforce. The Directive mandates that IA managers (IAM) and technicians (IAT) be trained and certified to an established DoD baseline certification requirement. The specific requirements for IAM and IAT personnel are spelled out in the […]

The post DoDD 8570 IAM Level III appeared first on InfoSec Resources.

DoDD 8570 IAM Level III was first posted on August 17, 2018 at 2:47 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The unpatched flaw would allow a bad actor to execute information-exfiltrating malware, backdoors, ransomware or any other kind of bad code he or she chose.

A new email campaign includes a Microsoft Office Publisher file with malicious URLs leading to the FlawedAmmyy RAT.

GIAC Security Essentials (GSEC) is one of the top certifications on the market for professionals who want to prove their IT skills on security-related tasks. This intermediate-level InfoSec certification is DOD-approved 8140 (DoDD 8570) for Level II IAT and is globally recognized by military, government and industry leaders. The GSEC certification is also highly respected […]

The post The GSEC Certification and Exam appeared first on InfoSec Resources.

The GSEC Certification and Exam was first posted on August 17, 2018 at 1:42 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

  Great training is the bedrock of engaged employees. Engaged means they are aware of and follow directives. Without training, employees could be making serious mistakes, especially in the realm of security. Security training allows organizations to influence behavior, mitigate risk, and ensure compliance. There are countless benefits of initiating security awareness training in your […]

The post 10 Benefits of Security Awareness Training appeared first on InfoSec Resources.

10 Benefits of Security Awareness Training was first posted on August 17, 2018 at 1:31 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

  Blockchain is one of the hottest and potentially among the most disruptive technologies today. So naturally, it’s a magnet for the criminal element, which is skilled at keeping up with new digital trends and finding ways to cash in. The market for cryptocurrency has exploded in the last couple of years. A University of […]

The post The Increasing Threat of Banking Trojans and Cryptojacking appeared first on InfoSec Resources.

The Increasing Threat of Banking Trojans and Cryptojacking was first posted on August 17, 2018 at 1:14 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF.