Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-07-19 12:00:02 |
How to Create an Effective Incident Response Plan (lien direct) |
>Learn how to respond to cybersecurity breaches in three steps. Build an incident response plan, practice implementing it, and orchestrate and automate to make operations more efficient.
|
|
|
★★
|
|
2019-07-18 11:15:02 |
Does Your Cloud Vendor Contract Include These Crucial Security Requirements? (lien direct) |
>Failing to negotiate security requirements into cloud vendor contracts can result in a lack of transparency and formally defined accountability for data security.
|
|
|
|
|
2019-07-18 10:00:03 |
I Can\'t Believe Mirais: Tracking the Infamous IoT Malware (lien direct) |
Mirai malware is often perceived as a low-risk threat to enterprise security, but consumer devices in the home, when connected to corporate networks, can expose corporate networks to botnet attacks.
|
Threat
Malware
|
|
|
|
2019-07-17 12:55:02 |
Enterprise Mobility Management Gets Personal (lien direct) |
>Enterprise mobility management (EMM) is widely adopted, but security leaders still struggle to enroll BYOD and other user-centric models.
|
Guideline
|
|
★★★
|
|
2019-07-17 12:40:02 |
The Expiration Date on Passwords Has Expired (lien direct) |
>Changing your passwords frequently sounds like commonsense advice. However, just because something is common doesn't mean it makes sense.
|
|
|
|
|
2019-07-16 12:00:04 |
The Fine Art of Protecting Microsoft Office 365 Apps With Multifactor Authentication (lien direct) |
>When it comes to protecting businesses from the growing variety of Office 365 security threats, balancing the benefits of multifactor authentication with user demands for convenience is a fine art.
|
|
|
|
|
2019-07-16 12:00:02 |
The Wild West Era Has Ended - What\'s Next for Data Privacy? (lien direct) |
People often think of the cybersecurity industry as the Wild West, but data privacy regulations have been influencing the way companies respond to a data breach for well over a decade.
|
Data Breach
|
|
|
|
2019-07-15 12:00:02 |
Threat Intelligence Is the SOC\'s Road Map to DNS Security (lien direct) |
Threat intelligence provides the context SOC analysts need to proactively identify DNS security threats and prevent future DNS attacks.
|
Threat
|
|
|
|
2019-07-12 14:00:02 |
Why Security Incidents Often Go Underreported (lien direct) |
>If you saw a coworker browsing through a database they weren't supposed to have access to, would you report it? New research suggests that employees often underreport such security incidents.
|
|
|
|
|
2019-07-11 15:15:02 |
Take a Proactive Approach to the Darknet Threat (lien direct) |
>A proactive approach to security and intelligence gathering is the best way to stem the tide of threats and lucrative trading of business-critical data on the darknet.
|
Threat
|
|
★★★★★
|
|
2019-07-10 11:45:02 |
The Cyber Kill Chain Is Getting Shorter As the Skills Gap Widens (lien direct) |
>While the cybersecurity skills gap is a years-old challenge, organizations are facing a new conundrum: The cyber kill chain is getting shorter. How can the industry address these dual problems?
|
|
|
★★★★★
|
|
2019-07-10 10:00:02 |
Why Cybercriminals Are Targeting Travel and Transportation (lien direct) |
>Why are travel companies increasingly targeted in cyberattacks? Valuable data and customer hospitality demands make the travel and transportation industry especially tempting to cybercriminals.
|
|
|
|
|
2019-07-09 11:30:02 |
Mobile Device Management Evolves to Support New Device Use Cases (lien direct) |
>As new deployments of screens, IoT devices and other connected endpoints proliferate, mobile device management is key to helping businesses secure, manage and control new mobile-oriented use cases.
|
|
|
★★★
|
|
2019-07-09 11:15:04 |
Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT) (lien direct) |
>IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.
|
|
|
|
|
2019-07-08 16:00:02 |
Your \'Invisible Workforce\' Needs More Visibility in Security Planning (lien direct) |
The workforce is becoming more "invisible." But far too many organizations still aren't taking this into consideration during security planning.
|
|
|
★★
|
|
2019-07-08 11:30:02 |
Innovation or Security? With Multifactor Authentication for the Mainframe, You Can Have Both (lien direct) |
>Now that we have tools that provide multifactor authentication (MFA) without friction, it's time to upgrade your mainframe security to participate more fully in the benefits of digital transformation.
|
|
|
|
|
2019-07-03 13:00:02 |
Finding New Approaches to Web Application Security (lien direct) |
>Because so much is centered on web services and similar technology nowadays, web application security must be a high priority within any security system.
|
|
|
|
|
2019-07-02 17:01:01 |
Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? (lien direct) |
>IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.
|
|
|
★★★★★
|
|
2019-05-29 12:00:02 |
Massachusetts Amends Data Breach Law - What to Know for Your Incident Response Strategy (lien direct) |
>This update can be seen as part of a wider trend in data privacy regulations where guidelines on breach reporting and incident response documentation are becoming more specific.
|
Data Breach
|
|
|
|
2019-05-28 12:30:03 |
Third-Party Risks Need New Approaches (lien direct) |
>Businesses need to adopt a strategic approach to managing third-party risks that provides an integrated view of the vendor relationship process.
|
|
|
|
|
2019-05-28 10:00:02 |
Interns and Social Media: A Goldmine for Hackers (lien direct) |
>A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge. Learn tips for welcoming new employees securely.
|
|
|
|
|
2019-05-27 12:35:02 |
HawkEye Malware Operators Renew Attacks on Business Users (lien direct) |
>IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.
|
Malware
|
|
|
|
2019-05-27 11:00:02 |
Is Your Company Culture Seamlessly Secure - or Just Stressful? (lien direct) |
>As security practitioners, we probably have a good grasp of technological controls. But adversarial company culture may be creating stress that keeps people from protecting our data.
|
|
|
|
|
2019-05-24 11:00:03 |
Secure Your Hybrid Cloud Environment With Visibility, Control and Flexibility (lien direct) |
>When it is implemented correctly, hybrid cloud data protection enables organizations to safeguard critical data across their choice of on-premises, public and/or private cloud services.
|
|
|
★★★★★
|
|
2019-05-24 11:00:02 |
How Would You React? What \'Killing Eve\' Can Teach Us About Social Engineering (lien direct) |
Social engineering will always be one of the easiest ways for threat actors to get what they want. So what can enterprises do to decrease the risk?
|
Threat
|
|
|
|
2019-05-23 14:31:03 |
Uncover Modern Identity and Access Management (IAM) Challenges With Enterprise Design Thinking (lien direct) |
>Identity and access management (IAM) has become increasingly challenging due to the complexity of more devices, applications, information, users and data privacy regulations.
|
|
|
★★★★★
|
|
2019-05-23 12:00:01 |
In Light of Ever-Increasing Cybersecurity Risks, Boards Must Deepen Their Oversight and Engagement (lien direct) |
>In light of a regulatory landscape that is becoming more complex and costly, boards need better insight into the organization's risk exposure and its ability to handle cybersecurity risks.
|
|
|
|
|
2019-05-22 13:00:02 |
The Cybersecurity Industry\'s Third-Party Risk Management Problem Is Rooted in Visibility (lien direct) |
Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.
|
|
|
★★★★
|
|
2019-05-22 11:30:02 |
Here\'s Why More Security Solutions Doesn\'t Equal Better Security (lien direct) |
Security data isn't useful when it's isolated in data silos. Organizations need a simplified ecosystem of integrated security solutions to keep up with the shifting threat landscape.
|
Threat
|
|
|
|
2019-05-21 10:00:02 |
How Cyber-Secure Are Business Travelers? New Report Says Not Very (lien direct) |
>I know that open Wi-Fi is sometimes better than no Wi-Fi, which is why I always use a VPN when connecting to public networks. But not all business travelers are so careful, according to a new report.
|
|
|
|
|
2019-05-20 11:00:02 |
How to Fight Back Against Macro Malware (lien direct) |
>Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
|
Malware
|
|
|
|
2019-05-17 15:20:02 |
Hunt With Intention: Why You Should Adopt Threat Hunting and How to Get Started (lien direct) |
>Hackers today are more sophisticated and coordinated than the dark, hooded figures often portrayed in movies. Threat hunting is critical to spot threats before they cause damage on the network.
|
Threat
|
|
★★
|
|
2019-05-16 12:00:02 |
The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015 (lien direct) |
>Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline: hacktivism. Where have all the hacktivists gone?
|
Threat
Vulnerability
|
|
|
|
2019-05-15 19:30:02 |
Get Ahead of Cybersecurity AI Maturation by Building a Cognitive SOC (lien direct) |
>Cybersecurity AI is approaching maturity. Are you prepared to defend against a new wave adversarial machine learning risks?
|
|
|
★★
|
|
2019-05-14 14:00:04 |
Security Awareness Training Should Always Lead to Changes in Behavior (lien direct) |
>It's important to recognize that a core outcome of security awareness and training efforts needs to be changing behaviors.
|
|
|
|
|
2019-05-13 15:15:02 |
Meanwhile at the Plant…The Realities of Operational Security in the Age of Connected Machines (lien direct) |
>As OT environments, especially with legacy systems in place, become increasingly connected, they may inherit OT security risks that were previously the domain of the IT environment.
|
|
|
|
|
2019-05-13 12:00:04 |
How a Quirky Gmail Feature Led to a Phishing Scare and a Valuable Lesson in Email Security (lien direct) |
>What began as a moment of panic in the wake of what I thought was a phishing attempt ended up being a valuable lesson about a quirky Gmail feature and how it impacts the email security landscape.
|
|
|
★★★★
|
|
2019-05-13 12:00:02 |
NIST Proposes Privacy Framework to Help Make Sense of Global Privacy Regulations (lien direct) |
>Organizations that approach privacy regulations strategically stand to gain a competitive edge when it comes to building and retaining customer trust.
|
|
|
|
|
2019-05-10 11:00:02 |
4 Information Security Slipups From \'Star Trek: Discovery\' to Avoid in the Enterprise (lien direct) |
How does Star Trek's information security stack up against current cybersecurity hygiene best practices? Turns out the future's not so bright.
|
|
|
|
|
2019-05-09 11:00:02 |
Measuring the Value of Your Unified Endpoint Management (UEM) Investment (lien direct) |
>According to Forrester, unified enpoint management enables customers to initiate a low-touch, no-touch process that reduces the time and effort needed to configure endpoints by as much as 96 percent.
|
|
|
|
|
2019-05-08 13:00:02 |
Beyond 2FA: Secure Your Critical Assets With Risk-Based Multifactor Authentication (lien direct) |
>Passwords have become an insecure and cumbersome form of authentication. Learn about risk-based multifactor authentication, an approach to access management that uses context to determine risk.
|
|
|
|
|
2019-05-08 12:30:04 |
AppSec Insights From Think 2019: Four Steps to Optimize Your Application Security Program (lien direct) |
>Whether you're a small startup or an international enterprise, a successful application security program involves more than just scanning for vulnerabilities.
|
|
|
|
|
2019-05-07 13:35:01 |
Putting the \'S\' in IoT: How to Make Internet of Things Solutions Secure by Design (lien direct) |
When developing and deploying internet of things solutions, achieving security by design is not as simple as picking a secure development life cycle (SDLC) framework and shifting your security left.
|
|
|
★★★★
|
|
2019-05-07 12:30:02 |
How to Make Third-Party Risk Management Second Nature (lien direct) |
>Organizations that sleep on third-party risk management could unknowingly expose their systems to remote attacks, access risks and more.
|
|
|
★★★★★
|
|
2019-05-06 12:00:02 |
Why You Should Constantly Enrich Security Culture Throughout Your Organization (lien direct) |
>Here's what you need to know about organizational security culture - and how to plan for and inspire a better one.
|
|
|
|
|
2019-05-06 11:00:02 |
High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector (lien direct) |
>Is providing effective cybersecurity for the healthcare sector an IT problem or a wider-scope issue? The short answer is that it's both.
|
|
|
|
|
2019-05-02 16:00:02 |
Published Exploits for Accessing SAP Systems Put Security Teams on Alert (lien direct) |
>Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.
|
|
|
|
|
2019-05-02 13:55:02 |
Exploring Ponemon Data: After 4 Years, Is Security Satiated With False Confidence? (lien direct) |
>The "2019 Ponemon Institute Study on the Cyber Resilient Organization" found that although security leaders are more confident in their cyber resilience, they are still overlooking critical areas.
|
Guideline
|
|
|
|
2019-05-02 13:45:01 |
Everything Is Best When It Comes to Cybersecurity Best Practices (lien direct) |
>How can security professionals keep up with cybersecurity best practices without taking too much time away from other responsibilities?
|
|
|
|
|
2019-05-01 15:15:02 |
Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out (lien direct) |
For the enterprise responsible for protecting customers' PII, should passwords be stored at all - even encrypted?
|
|
|
|