Monday, September 23, 2019

How Ethical Hackers Find Weaknesses and Secure Businesses

When people hear about hackers, it typically conjures up images of a hooded figure in a basement inputting random code into a computer terminal. This Hollywood cliché is far from the truth for modern-day cybersecurity experts, and it’s also...

New Passive RFID Tech Poses Threat to Enterprise IoT

As RFID technology continues to evolve, IoT security measures struggle to keep pace. The Internet of Things (IoT) industry is growing at a staggering pace. The IoT market in China alone will hit $121.45 billion by 2022 and industry analysts...

Android RAT Exclusively Targets Brazil

A newly discovered Android remote access Trojan (RAT) is specifically targeting users in Brazil, Kaspersky reports. Called BRATA, which stands for Brazilian RAT Android, the malware could theoretically be used to target any other Android user, should the cybercriminals behind...

Three Strategies to Avoid Becoming the Next Capital One

Recently, Capital One discovered a breach in their system that compromised Social Security numbers of about 140,000 credit card customers along with 80,000 bank account numbers. The breach also exposed names, addresses, phone numbers and credit scores, among other...

Why a Business-Focused Approach to Security Assurance Should Be an Ongoing Investment

How secure is your organization’s information? At any given moment, can a security leader look an executive in the eye and tell them how well business processes, projects and supporting assets are protected? Security assurance should provide relevant stakeholders...

If You Don’t Have Visibility, You Don’t Have Security

If you’ve ever watched a thriller or horror movie, you’re probably familiar with the scene where someone is trying to keep a monster or attacker out so they barricade the doors and lock the windows and feel safe for...

Ransomware: Why Hackers Have Taken Aim at City Governments

When the news media reports on data breaches and other forms of cybercrime, the center of the story is usually a major software company, financial institution, or retailer. But in reality, these types of attacks are merely part of...

5 Limitations of Network-Centric Security in the Cloud

Traditional security solutions were designed to identify threats at the perimeter of the enterprise, which was primarily defined by the network. Whether called firewall, intrusion detection system, or intrusion prevention system, these tools delivered “network-centric” solutions. However, much like...

1 Million South Korean Credit Card Records Found Online

Over 1 million South Korea-issued Card Present records have been posted for sale on the dark web since the end of May, Gemini Advisory says. The security firm could not pinpoint the exact compromised point of purchase (CPP), but believes...

Top Three Cross-Site Scripting Attacks You Need to Know Now

Cross-Site Scripting, or XSS, is and will remain a major pain for anyone trying to create a secure web application for their end-users. Cross-Site Scripting attacks occur when an attacker can squeeze nasty code into your web application...

Arkose Labs Launches Private Bug Bounty Program

Fraud prevention technology provider Arkose Labs announced the launch of a private bug bounty program on crowdsourced security platform Bugcrowd. Based in San Francisco, Calif., the company leverages global telemetry with a proprietary challenge–response mechanism to help organizations prevent fraud in sectors...

Eight Steps to Migrate Your SIEM

In a large enterprise, the ingestion of security logs, IT system logs and other data sources can easily reach a range of hundreds of thousands to millions of events each day and lead to storing terabytes of logs daily....

What Call Center Fraud Can Teach Us about Insider Threats

Call centers are often the weakest link in otherwise robust corporate security networks, because of the human dimension. They are staffed by people who make mistakes and are prey to scams and blackmail. Call centers are also vulnerable to...

Best Practices for Remote Workers’ Endpoint Security

Remote workers often use corporate devices and computers when working at home or from a local office. When travelling, they might use personal mobile phones or computers to carry out their official tasks. Regardless of the endpoint used to...

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system. Tracked as CVE-2019-1917, the vulnerability was found in the REST...
SC Magazine

Ning Wang – Offensive Security

Ning Wang, CEO, Offensive Security. Why Nominated: Ning Wang is a rising star who has worked to break the boundaries in the security industry, so that people can see that anyone is capable of starting a career in cybersecurity and advancing it –...
SC Magazine

Dani Martínez – IOActive

Dani Martínez, Security Consultant, IOActive. Why nominated: Dani Martínez proved to be a self-starter. Beginning his career in IT, he soon developed an interest in cybersecurity and began taking online courses in his spare time. Martínez also dove right in and began a cybersecurity blog...
SC Magazine

Maurice Stebila – Harman, a Samsung Company

Maurice Stebila, Digital Security, Compliance and Privacy Officer, Harman, a Samsung Company. Why nominated: Maurice Stebila has spent more than 30 years in the automotive, manufacturing and financial services industry supporting two of the world’s largest companies – EDS/General Motors and Harman by Samsung...
SC Magazine

Ed Adams – Security Innovation

Ed Adams, President and CEO, Security Innovation. Why Nominated: A highly respected veteran of the cybersecurity industry, Security Innovation CEO Ed Adams has taken on several new leadership roles in the past year or so. Last April, he was named to the board of directors of...
SC Magazine

David Archer – Galois

David Archer, Principal Scientist, Galois. Why Nominated: Archer, an advocate for preserving privacy of data even when it’s used in decision-making both within the U.S. at all levels of government as well as internationally, directs research in privacy-preserving information technologies. Profile: David Archer is all...