Tuesday, September 25, 2018

IDG Contributor Network: What hurricane preparedness teaches us about resilience

We all know hurricanes are a significant threat to life and property in communities stretching from the coast to hundreds of miles inland. Every year we see these storms strike, and we get smarter about preparing for their impact....

IDG Contributor Network: Linus Torvalds, the UNIX Wars and history repeating itself

Over the past week, news came out that Linus Torvalds, the father of Linux, is taking time off to address his behavior issues. For those of us who know Linus, he is known for speaking his mind and being...

BrandPost: It Takes Two to Manage Identity Risk: Your Identity and Security Operations Teams

Today’s industrial revolution is driven not by steam engines, machine-based automation and factory systems, but by the power of cloud, mobility and machine-based analytics. It’s an exciting time filled with opportunity—and risk. Digital transformation brings digital risk, and identity...

Forcing users to log into Google Chrome without consent raises privacy concerns

Just because you are surfing via Chrome doesn’t mean you opted to give up your privacy. But the years of being able to use Chrome without logging in are over. Chrome 69 came out at the start of September,...

Brewery became victim of targeted ransomware attack via job vacancy ad

You may not need a cautionary tale about opening email attachments, but this story is a reminder that you don’t have to be the biggest and most well-known company to become the victim of a targeted ransomware attack; just...

Apple’s dropping Back To My Mac Remote Access. Here’s an Alternative, Currently Discounted.

Apple is dropping the Back To My Mac remote access feature, and in a recent support document they urge you to be prepared by looking for alternatives.RemotePC by iDrive is a full-featured remote access solution that lets you connect...

IDG Contributor Network: Reconciling information security and shrink-wrap agreements

There is simply no avoiding it. Every business, regardless of size or type, has entered into “shrink-wrap” or “click-wrap” agreements (i.e., non-negotiable agreements provided with various types of software and cloud services). In most instances, even small organizations are...

IDG Contributor Network: Open banking is coming to the U.S.: How secure will it be?

The open banking trend continues around the world, and most recently, the U.S. has taken another step towards adopting the policy. On July 31, the U.S. Department of Treasury published a detailed, titled A Financial System That Creates Economic Opportunities:...

6 steps for building a robust incident response plan

Most InfoSec professionals are firmly focused on prevention. We build systems and adopt tools to help safeguard against phishing attacks and ransomware and all the other myriad threats that businesses face on a daily basis. But what we often...

5 cyber security basics you can’t afford to ignore

The recently discovered vulnerability involving fax lines on HP multi-function devices, termed Faxploit, are a reminder of the importance of fundamental security practices.To read this article in full, please click here(Insider Story)

BrandPost: Security and the Cloud Go Hand-in-Hand: Are You Prepared?

Just because you’ve tapped into the vast resources of a cloud service provider to replace previously on-premises IT assets doesn’t lessen your management or cybersecurity burden. In fact, cloud migration creates new issues for network admins to focus on:...

5 biggest cybersecurity challenges at smaller organizations

Hello, dedicated readers! My blog is back from a restful week’s vacation on Cape Cod and ready to tackle the falling leaves, changing temperatures, and cybersecurity issues of autumn.Back in August, I wrote a few blog posts about cybersecurity...

BrandPost: Cybercriminals Shift Tactics to Keep a Low Profile

Over the past several years, cyberattacks have become more targeted and sophisticated. Cybercriminals have begun to augment their attacks with advanced technologies, such as machine learning and automation, to increase the speed and efficiency of attacks, as well as...

State Department confirms breach of unclassified email system

The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department’s unclassified email system.It’s not like the agency suddenly decided to tell the public about the breach, though. The incident...

The best password advice right now

Ever since NIST submitted SP 800-63 Digital Identity Guidelines for review a few years ago, the computer security world has been debating the agency's newest recommended password policies, which run starkly contrary to decades of previous advice.To read this...

Sophisticated mobile spyware Pegasus found in the US and 44 other countries

In a new report, Citizen Lab researchers warned that sophisticated mobile spyware, dubbed Pegasus — made and sold by the Israeli company NSO Group — has been found not only on Androids and iPhones in countries with questionable human...

Review: Ping Identity brings identity management to cybersecurity defenses

For many organizations, even those with advanced cybersecurity maturity, the concept of identity management has always been a bit of an afterthought. Logging into a network is normally handled by Active Directory, while each individual application like Salesforce or internal...

IDG Contributor Network: Cybersecurity decisions that can’t be automated

Cybersecurity’s future in reducing incident response time is to automate the process. In other words, the process of marking an attack, aggregating key data, identifying the actual threat, assembling the tools and executing actions needs to be as close...

Ransomware hits UK’s Bristol Airport, affects flight information screens

When travelers at Bristol Airport in the U.K. looked at flight information screens over the weekend, they saw a blue screen with white lettering that stated: OUT OF SERVICEWe are sorry for the inconvenience. Our Engineers are currently working to...

What is Wireshark? What this essential troubleshooting tool does and how to use it

Wireshark is the world's leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues...

Breach at US Retailer SHEIN Hits Over Six Million Users

Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements. read more

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...