Oil & Gas Faces a Massive Convergence Challenge
I recently had the pleasure of speaking at the API 13th Annual Cybersecurity Conference in Houston. API is the national association for the oil and gas industry, and this is a unique event that focuses...
View Article2019 ArcGIS Transport Security Improvements
To ensure our service and software offerings remain as secure as possible, we continually update the security standards and protocols utilized. Sometimes, this can result in significant disruptions...
View Article85 Percent of ATMs Can Be Hacked in Under 15 Minutes via Network
The vast majority of Automated Teller Machines (ATMs) manufactured by NCR, Diebold Nixdorf, and GRGBanking and used by banks as cash dispensers have been proven to be easily hacked by potential...
View ArticleAWS Security Profiles: Brittany Doncaster, Solutions Architect
In the weeks leading up to re:Invent , we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that...
View ArticleLookout Recognized in the Gartner Market Guide for Mobile Threat Defense for...
Lookout Improves Enterprise Ability to Secure Access to Corporate Data from Any Device and Network through Post-Perimeter Security SAN FRANCISCO (BUSINESS WIRE) Lookout , the leader in securing the...
View ArticleIDG Contributor Network: Small Business Saturday means it’s time for an...
As we approach Small Business Saturday, it’s a good time of year for small and mid-sized businesses to refresh their thinking around data security and incident response planning. In the same way that...
View Article研究人员创建了可以欺骗生物识别数据库的“主密钥”指纹
纽约大学的研究人员们,刚刚创建了一套“主密钥”指纹,可用于欺骗生物识别系统。 即便其使用的指纹数据库,可能产生 1/1000 的随机错误匹配,但他们打造出来的“主密钥”指纹,拥有高达 1/5 的命中率。 此项研究的论文(已发表在 ArXiv 预打印服务器上),证明可借助机器学习技术来人工生成指纹,欺骗采用指纹认证防护的数据库。 Counterpoint Research...
View Article从技术到社交 安全从业者简历指南
你知道对于求职者而言,哪些技能和经验才是自我推销的亮点吗?不知道也别着急,安全专家为此提供了最有帮助的见解,一起去了解一下吧! 当你的简历落入招聘经理的手中时,一般来说,你只有一分钟的时间来清楚地传达自己具备胜任这份工作的技能和经验。在这种情况下,你有什么秘诀才可以确保自己脱颖而出呢? 根据最新的《ISC...
View ArticleThe Art and Science of Secure Coding: Key Practices that Stand Out
Flaws in code lines, file system and data input methods make up the core security vulnerability of any application. This is what we address through secure coding practices. Secure coding guidelines...
View Article2018未来金融信息安全论坛:智能是未来 我们在路上
由金融时报和瀚思科技联合主办的“2018未来金融信息安全论坛”昨日召开。金融领域是安全行业最重要的关注点之一,安全牛记者现场参会,并整理出一些演讲嘉宾的重要观点。 一、智能运维是必然之路 中国人民银行科技司副司长陈立吾在致辞中表示: 金融行业是高度依赖信息技术的产业,它的高质量发展离不开网络和信息系统的安全稳定运行。人工智能在促进金融服务创新的同时,对赋能金融网络安全大有可为。...
View ArticleCheckPoint:FlawedAmmyy远程访问木马已成近期最大安全威胁
近期,一款名叫 FlawedAmmyy 的远程访问木马(RTA),被列入了全球威胁指数的前 10 名。此前,Check Point 安全研究人员发现了多起分发 RAT 的活动,且其在今年 10 月有大幅增长的趋势。尽管首次杀入前十(正好卡在第 10 名的位置),但其利用的恶意加密手段,让我们无法对其放松警惕。 Check Point...
View ArticleWhen passwords get stolen, this Australian guy alerts the world
Massive databases of user accounts seem to get hacked daily. The number of exposed accounts and passwords―usually encrypted weakly―has risen into the billions. Yet liability and embarrassment have left...
View ArticleApache Hadoop - TLS and SSL Notes
Overview I’ve collected notes on TLS/SSL for a number of years now. Most of them are related to Apache Hadoop , but others are more general. I was consulting when the POODLE and Heartbleed...
View ArticleAhead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers
As consumers skip the store crowds in favor of online deals, cyberattackers have geared up to victimize them. No less than 14 malware families are targeting e-commerce brands to steal from unsuspecting...
View ArticleWPA2 encryption bypass: Using Defensics to uncover behavioral vulnerabilities
We discovered a WPA2 encryption bypass vulnerability (CVE-2018-18907) in a router that allows full access to a WLAN without credentials. The vendor has released a patch for the device. As part of...
View Article为什么检测网络攻击需耗时数个月
网络威胁解决方案现状 现有网络威胁解决方案通常是尝试解决特定问题或阻止特定攻击步骤的发生,其中包含了试图强固安全“边界”的防火墙(FW)、防止未经授权的设备连接到网络的网络访问控制(NAC)及负责保护网络上设备的终端防护方案。...
View ArticleDate centre operator adds industry veteran to board
Data centre operator Data Exchange Networks has appointed 20-year industry veteran John Duffin to its board as a non-executive director as the company expands its modular data centre solutions. A...
View ArticleBrandPost: As Cyber Threats Grow, Cyber Vigilance is Mandatory
In 1809, author Thomas Charlton penned the famous phrase that has been subsequently attributed to a wide variety of people, writing, “the price of liberty is eternal vigilance.” While he certainly...
View ArticleG Suite Adds Advanced Password Controls
The G Suite team announced the addition of advanced password controls which allow admins to require and enforce extra rigorous requirements for stronger passwords. Because having a strong passwordis...
View ArticleUp to three million kids' GPS watches can be tracked by parents... and any...
Parents could be unwittingly putting their children's safety and privacy at risk, thanks to security vulnerabilities in potentially millions of kids' GPS-tracker watches. These cheapo watches are...
View Article