Tags:

Date: 24 February 2017

Author: Nicole Brinson

Tenable i.o: Offering Complete Vulnerability Visibility In the Cloud

Tenable launches cloud-based vulnerability management platform

Tenable Network Security is hoping to make vulnerability management great again.

The security vendor, based in Columbia, Md., unveiled a new cloud-based vulnerability management platform, dubbed Tenable.io, this week at RSA Conference 2017. Tenable.io, which is delivered as a software-as-a-service offering, includes an API and software development kit that allows third parties to export and import vulnerability data. The..

Date: 15 February 2017

Author: Nicole Brinson

5 lessons IT can learn from 'Rogue One: A Star Wars Story'

Rogue One isn't just a Star Wars story. It's an information security story.

From our partners at HPE:

"Rogue One: A Star Wars Story" isn’t just a tale of scrappy rebels fighting against an evil Empire. With the issues it raises, including device authentication, asset management, and privilege control, it’s also a story about information security. Well, more like a cautionary tale.

The Empire we love to hate has exhaust-port-size holes in the way it conducts its secret affairs. Seriously, it’s..

Date: 26 October 2016

Author: Nicole Brinson

Here's One Strategy for Thwarting Denial of Service Cyberattacks

Companies can reduce the risk from the type of cyberattack that took out major websites on Friday by using multiple vendors for the critical Internet service known as a domain name service, or DNS, companies and security experts said on Sunday.

“We have advocated for years for redundancy in your infrastructure,” said Kyle York, chief strategy officer for Dyn, the New Hampshire DNS provider that was attacked on Friday. “I don’t think you can ever be safe enough or redundant enough.”

Hackers..

Date: 13 October 2016

Author: cwilkinson

Don't Jump! How to Handle a Ransomware Attack

STEP:1 CALL BEDROC

Ransomware is obviously analogous to kidnapping, and dealing with the perpetrators can feel much like negotiating with a jumper standing on the edge of high-rise roof. The Institute for Critical Infrastructure Technology recently released a report that in part describes how to deal with criminals when they are holding your data hostage. The report talks of what to do once a breach has been found.

ICIT says the proper response will depend on the risk tolerance of the..

Date: 18 March 2014

Author: cwilkinson

Missed FireEye Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It

On Saturday, Nov. 30, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis.

Read more here...

Tweets