Monday, September 23, 2019

How Network Logging Mitigates Legal Risk

Logging that is turned on, captured, and preserved immediately after a cyber event is proof positive that personal data didn't fall into the hands of a cybercriminal.

Security 101

‘Playing Around’ Can Teach Serious Security Lessons

A project intended to move a small robot around a hazardous board teaches some solid security lessons.

‘Playing Around’ with Code Keeps Security, DevOps Skills Sharp

A project intended to move a small robot around a hazardous board teaches some solid security lessons.

7 Ways VPNs Can Turn from Ally to Threat

VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.

HP Purchases Security Startup Bromium

The purchase will bring new isolation and threat intelligence capabilities to the HP portfolio.

Ransomware Strikes 49 School Districts & Colleges in 2019

The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.

WeWork’s Wi-Fi Exposed Files, Credentials, Emails

For years, sensitive documents and corporate data have been easily viewable on the coworking space's open network.

A Safer IoT Future Must Be a Joint Effort

We're just at the beginning of an important conversation about the future of our homes and cities, which must involve both consumers and many players in the industry

A Beginner’s Guide to Microsegmentation

In a world in which the data center perimeter has all but evaporated, traditional segmentation no longer is enough. Enter microsegmentation. Here's what organizations need to do to maximize the benefits of this improved security architecture.

Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3

The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets.

Metasploit Creator HD Moore’s Latest Hack: IT Assets

Moore has built a network asset discovery tool that wasn't intended to be a pure security tool, but it addresses a glaring security problem.

BSIMM10 Emphasizes DevOps’ Role in Software Security

The latest model, with insights from 122 firms, shows DevOps adoption is far enough along to influence how companies approach software security.

California’s IoT Security Law Causing Confusion

The law, which goes into effect in on January 1, requires manufacturers equip devices with 'reasonable security feature(s).' What that entails is still an open question.

Security Pros Value Disclosure … Sometimes

Security professionals will coordinate disclosure with researchers but may keep their self-discovered vulnerabilities secret, a new study shows.

Deconstructing an iPhone Spearphishing Attack

How criminals today bypass smartphone anti-theft protection and harvest AppleID and passwords taken from fake Apple servers.

Ping Identity Prices IPO at $15 per Share

The identity management company plans to sell 12.5 million shares, raising $187.5 million in its initial public offering.

Crowdsourced Security & the Gig Economy

Crowdsourced platforms have redefined both pentesting and the cybersecurity gig economy. Just not in a good way.

Best Practices

Edge Feature Section

Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make...
SC Magazine

Ning Wang – Offensive Security

Ning WangCEO Offensive Security Why Nominated: Ning Wang is a rising star has worked to break the boundaries in the security industry, so that people can see that anyone is capable of starting a career in cybersecurity and advancing it –...
SC Magazine

Dani Martínez – IOActive

Dani MartínezSecurity ConsultantIOActive Why nominated: Dani Martínez proved to be a self-starter, beginning his career in IT he soon developed an interest in cybersecurity and began taking online courses in his spare time. Martínez also dove write in and began a cybersecurity blog...
SC Magazine

Maurice Stebila – Harman, a Samsung Company

Maurice StebilaDigital Security,Compliance and Privacy OfficerHarman, a Samsung Company Why nominated: Maurice Stebila has spent more than 30 years in the automotive, manufacturing and financial services industry supporting two of the world’s largest companies – EDS/General Motors and Harman by Samsung...
SC Magazine

Ed Adams – Security Innovation

Ed AdamsPresident and CEOSecurity Innovation Why Nominated: A highly respected veteran of the cybersecurity industry, Security Innovation CEO Ed Adams has taken on several new leadership roles in the year or so. Last April, he was named to board of directors of...
SC Magazine

David Archer – Galois

David ArcherPrincipal scientistGalois Why Nominated: Archer, an advocate for preserving privacy of data even when it’s used in decision-making both within the U.S. at all levels of government as well as internationally, directs research in privacy-preserving information technologies. Profile:  David Archer is all...