Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-07-09 11:30:02 |
Mobile Device Management Evolves to Support New Device Use Cases (lien direct) |
>As new deployments of screens, IoT devices and other connected endpoints proliferate, mobile device management is key to helping businesses secure, manage and control new mobile-oriented use cases.
|
|
|
★★★
|
|
2019-07-09 11:15:04 |
Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT) (lien direct) |
>IBM X-Force researchers detected, reverse engineered, reconstructed and simulated a Delphi-based Brazilian remote access Trojan.
|
|
|
|
|
2019-07-08 16:00:02 |
Your \'Invisible Workforce\' Needs More Visibility in Security Planning (lien direct) |
The workforce is becoming more "invisible." But far too many organizations still aren't taking this into consideration during security planning.
|
|
|
★★
|
|
2019-07-08 11:30:02 |
Innovation or Security? With Multifactor Authentication for the Mainframe, You Can Have Both (lien direct) |
>Now that we have tools that provide multifactor authentication (MFA) without friction, it's time to upgrade your mainframe security to participate more fully in the benefits of digital transformation.
|
|
|
|
|
2019-07-03 13:00:02 |
Finding New Approaches to Web Application Security (lien direct) |
>Because so much is centered on web services and similar technology nowadays, web application security must be a high priority within any security system.
|
|
|
|
|
2019-07-02 17:01:01 |
Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)? (lien direct) |
>IBM X-Force researchers discovered, reverse engineered and reconstructed AVLay, a remote access Trojan that mixes DLL hijacking with a legitimate executable borrowed from various antivirus programs.
|
|
|
★★★★★
|
|
2019-05-29 12:00:02 |
Massachusetts Amends Data Breach Law - What to Know for Your Incident Response Strategy (lien direct) |
>This update can be seen as part of a wider trend in data privacy regulations where guidelines on breach reporting and incident response documentation are becoming more specific.
|
Data Breach
|
|
|
|
2019-05-28 12:30:03 |
Third-Party Risks Need New Approaches (lien direct) |
>Businesses need to adopt a strategic approach to managing third-party risks that provides an integrated view of the vendor relationship process.
|
|
|
|
|
2019-05-28 10:00:02 |
Interns and Social Media: A Goldmine for Hackers (lien direct) |
>A social media post from one of a company's interns was all this people hacker needed to enter a secure area with a counterfeit employee badge. Learn tips for welcoming new employees securely.
|
|
|
|
|
2019-05-27 12:35:02 |
HawkEye Malware Operators Renew Attacks on Business Users (lien direct) |
>IBM X-Force researchers report an increase in HawkEye v9 keylogger infection campaigns targeting businesses around the world.
|
Malware
|
|
|
|
2019-05-27 11:00:02 |
Is Your Company Culture Seamlessly Secure - or Just Stressful? (lien direct) |
>As security practitioners, we probably have a good grasp of technological controls. But adversarial company culture may be creating stress that keeps people from protecting our data.
|
|
|
|
|
2019-05-24 11:00:03 |
Secure Your Hybrid Cloud Environment With Visibility, Control and Flexibility (lien direct) |
>When it is implemented correctly, hybrid cloud data protection enables organizations to safeguard critical data across their choice of on-premises, public and/or private cloud services.
|
|
|
★★★★★
|
|
2019-05-24 11:00:02 |
How Would You React? What \'Killing Eve\' Can Teach Us About Social Engineering (lien direct) |
Social engineering will always be one of the easiest ways for threat actors to get what they want. So what can enterprises do to decrease the risk?
|
Threat
|
|
|
|
2019-05-23 14:31:03 |
Uncover Modern Identity and Access Management (IAM) Challenges With Enterprise Design Thinking (lien direct) |
>Identity and access management (IAM) has become increasingly challenging due to the complexity of more devices, applications, information, users and data privacy regulations.
|
|
|
★★★★★
|
|
2019-05-23 12:00:01 |
In Light of Ever-Increasing Cybersecurity Risks, Boards Must Deepen Their Oversight and Engagement (lien direct) |
>In light of a regulatory landscape that is becoming more complex and costly, boards need better insight into the organization's risk exposure and its ability to handle cybersecurity risks.
|
|
|
|
|
2019-05-22 13:00:02 |
The Cybersecurity Industry\'s Third-Party Risk Management Problem Is Rooted in Visibility (lien direct) |
Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.
|
|
|
★★★★
|
|
2019-05-22 11:30:02 |
Here\'s Why More Security Solutions Doesn\'t Equal Better Security (lien direct) |
Security data isn't useful when it's isolated in data silos. Organizations need a simplified ecosystem of integrated security solutions to keep up with the shifting threat landscape.
|
Threat
|
|
|
|
2019-05-21 10:00:02 |
How Cyber-Secure Are Business Travelers? New Report Says Not Very (lien direct) |
>I know that open Wi-Fi is sometimes better than no Wi-Fi, which is why I always use a VPN when connecting to public networks. But not all business travelers are so careful, according to a new report.
|
|
|
|
|
2019-05-20 11:00:02 |
How to Fight Back Against Macro Malware (lien direct) |
>Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
|
Malware
|
|
|
|
2019-05-17 15:20:02 |
Hunt With Intention: Why You Should Adopt Threat Hunting and How to Get Started (lien direct) |
>Hackers today are more sophisticated and coordinated than the dark, hooded figures often portrayed in movies. Threat hunting is critical to spot threats before they cause damage on the network.
|
Threat
|
|
★★
|
|
2019-05-16 12:00:02 |
The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015 (lien direct) |
>Despite the rise in vulnerability reporting, cryptojacking attacks and attacks on critical infrastructure, one threat trend has been on the decline: hacktivism. Where have all the hacktivists gone?
|
Vulnerability
Threat
|
|
|
|
2019-05-15 19:30:02 |
Get Ahead of Cybersecurity AI Maturation by Building a Cognitive SOC (lien direct) |
>Cybersecurity AI is approaching maturity. Are you prepared to defend against a new wave adversarial machine learning risks?
|
|
|
★★
|
|
2019-05-14 14:00:04 |
Security Awareness Training Should Always Lead to Changes in Behavior (lien direct) |
>It's important to recognize that a core outcome of security awareness and training efforts needs to be changing behaviors.
|
|
|
|
|
2019-05-13 15:15:02 |
Meanwhile at the Plant…The Realities of Operational Security in the Age of Connected Machines (lien direct) |
>As OT environments, especially with legacy systems in place, become increasingly connected, they may inherit OT security risks that were previously the domain of the IT environment.
|
|
|
|
|
2019-05-13 12:00:04 |
How a Quirky Gmail Feature Led to a Phishing Scare and a Valuable Lesson in Email Security (lien direct) |
>What began as a moment of panic in the wake of what I thought was a phishing attempt ended up being a valuable lesson about a quirky Gmail feature and how it impacts the email security landscape.
|
|
|
★★★★
|
|
2019-05-13 12:00:02 |
NIST Proposes Privacy Framework to Help Make Sense of Global Privacy Regulations (lien direct) |
>Organizations that approach privacy regulations strategically stand to gain a competitive edge when it comes to building and retaining customer trust.
|
|
|
|
|
2019-05-10 11:00:02 |
4 Information Security Slipups From \'Star Trek: Discovery\' to Avoid in the Enterprise (lien direct) |
How does Star Trek's information security stack up against current cybersecurity hygiene best practices? Turns out the future's not so bright.
|
|
|
|
|
2019-05-09 11:00:02 |
Measuring the Value of Your Unified Endpoint Management (UEM) Investment (lien direct) |
>According to Forrester, unified enpoint management enables customers to initiate a low-touch, no-touch process that reduces the time and effort needed to configure endpoints by as much as 96 percent.
|
|
|
|
|
2019-05-08 13:00:02 |
Beyond 2FA: Secure Your Critical Assets With Risk-Based Multifactor Authentication (lien direct) |
>Passwords have become an insecure and cumbersome form of authentication. Learn about risk-based multifactor authentication, an approach to access management that uses context to determine risk.
|
|
|
|
|
2019-05-08 12:30:04 |
AppSec Insights From Think 2019: Four Steps to Optimize Your Application Security Program (lien direct) |
>Whether you're a small startup or an international enterprise, a successful application security program involves more than just scanning for vulnerabilities.
|
|
|
|
|
2019-05-07 13:35:01 |
Putting the \'S\' in IoT: How to Make Internet of Things Solutions Secure by Design (lien direct) |
When developing and deploying internet of things solutions, achieving security by design is not as simple as picking a secure development life cycle (SDLC) framework and shifting your security left.
|
|
|
★★★★
|
|
2019-05-07 12:30:02 |
How to Make Third-Party Risk Management Second Nature (lien direct) |
>Organizations that sleep on third-party risk management could unknowingly expose their systems to remote attacks, access risks and more.
|
|
|
★★★★★
|
|
2019-05-06 12:00:02 |
Why You Should Constantly Enrich Security Culture Throughout Your Organization (lien direct) |
>Here's what you need to know about organizational security culture - and how to plan for and inspire a better one.
|
|
|
|
|
2019-05-06 11:00:02 |
High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector (lien direct) |
>Is providing effective cybersecurity for the healthcare sector an IT problem or a wider-scope issue? The short answer is that it's both.
|
|
|
|
|
2019-05-02 16:00:02 |
Published Exploits for Accessing SAP Systems Put Security Teams on Alert (lien direct) |
>Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.
|
|
|
|
|
2019-05-02 13:55:02 |
Exploring Ponemon Data: After 4 Years, Is Security Satiated With False Confidence? (lien direct) |
>The "2019 Ponemon Institute Study on the Cyber Resilient Organization" found that although security leaders are more confident in their cyber resilience, they are still overlooking critical areas.
|
Guideline
|
|
|
|
2019-05-02 13:45:01 |
Everything Is Best When It Comes to Cybersecurity Best Practices (lien direct) |
>How can security professionals keep up with cybersecurity best practices without taking too much time away from other responsibilities?
|
|
|
|
|
2019-05-01 15:15:02 |
Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out (lien direct) |
For the enterprise responsible for protecting customers' PII, should passwords be stored at all - even encrypted?
|
|
|
|
|
2019-05-01 12:00:03 |
Penetration Testing Versus Red Teaming: Clearing the Confusion (lien direct) |
>There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.
|
|
|
|
|
2019-04-29 14:15:02 |
Facial Recognition, Deepfakes and Biometric PII: Preparing for a Future of Faceless Threats (lien direct) |
>As facial recognition technology advances, bad actors will have more biometric data with which to create deepfake images, videos, sounds and more. Is the security community prepared for this threat?
|
|
|
|
|
2019-04-29 12:00:03 |
5G Will Change How We Manage Mobile Security - Here\'s How to Start Preparing (lien direct) |
The rollout of 5G technology could forever change how we manage mobile security, posing an entirely new set of risks we have not handled before.
|
|
|
|
|
2019-04-26 12:30:03 |
Why You Need a Healthy Mix of Security Analytics to Investigate Threats (lien direct) |
>Effective threat management requires security teams to combine various sources of security analytics with machine-generated data to investigate incidents with speed and accuracy.
|
Threat
|
|
|
|
2019-04-26 11:30:02 |
Rethinking the Industry\'s Approach to the Cybersecurity Skills Gap (lien direct) |
Until now, we've looked at the cybersecurity skills gap in a very broad sense, as if all security jobs and needs are equal. Maybe it's time we look at the skills gap problem in different ways.
|
|
|
|
|
2019-04-25 12:50:01 |
Zero Trust: Why Your Most Privileged Users Could Be Your Biggest Security Weakness (lien direct) |
>Organizations that do not apply the zero trust model to protecting privileged users open themselves up to attacks by threat actors looking to access sensitive systems and networks.
|
Threat
|
|
|
|
2019-04-25 12:45:01 |
Set Expectations and Boundaries With Your Security Program to Minimize Risk (lien direct) |
>Good communication, clear expectations and enforced boundaries are all key to the success of your security program.
|
|
|
|
|
2019-04-25 10:00:04 |
Industrial Control Systems Security: To Test or Not to Test? (lien direct) |
>According to X-Force Red data, the number of vulnerabilities exposing industrial control systems has increased 83 percent since 2011. Should organizations test them and risk destabilizing operations?
|
|
|
|
|
2019-04-24 12:00:02 |
Don\'t Let Vulnerabilities Leave You Taxed - Refund Customer Trust With Application Security (lien direct) |
How an organization handles application security goes a long way in determining whether it will be "taxed" by vulnerabilities in production or receive a nice refund of their customers' trust.
|
|
|
|
|
2019-04-24 11:00:02 |
Long Live the Password - Even if You Don\'t Want It To (lien direct) |
To reduce the risk of a breach due to weak or stolen passwords, companies are adopting multifactor authentication, which requires users to submit an extra piece of data in addition to their password.
|
|
|
|
|
2019-04-23 12:00:02 |
Mobile Security Risks Are on the Rise, But Employers Continue to Cut Corners (lien direct) |
>While smartphones and tablets have become more ubiquitous in the workplace, organizations are flat out ignoring mobile security risks.
|
|
|
|
|
2019-04-23 10:00:02 |
How IBM X-Force IRIS Prepared for the Ukraine Election (lien direct) |
>Before the first round of the Ukraine election in March, we decided that we couldn't afford to sit on our heels until an attack was launched.
|
|
|
|