AVTECH Shuns Security Firm and Leaves All Products Vulnerable Without a Patch
AVTECH, a Taiwanese CCTV equipment manufacturer, has failed to respond to Search-Lab, a Hungarian security firm, who spent more than a year trying to inform the company about 14 security bugs affecting...
View ArticleClik here to view.
AD Security Group matrix
‘Sup PSHomies, So lastblog was about adding members to a security group efficiently. Which got me thinking, can I reverse this process? If given the security groups with specified members, can I...
View ArticleClik here to view.
419 Attackers Leveraging New Undetected Pony Infrastructure for Possible...
Wapack labs analyzed two recent Pony/Fareit downloader samples that were submitted to Virus Total in late September. The samples provided insight into recently registered attacker infrastructure...
View ArticleClik here to view.
央视报道免费WiFi有陷阱 金立M6内置安全加密芯片提升手机安全
近期,中央电视台科教频道(即CCTV-10科技频道)的《科技之光》播出了一期名为《是谁转走了他的钱》的栏目,引起广大消费者重视。节目表达出随着互联网的发展,免费WiFi市场需求持续升温,很多人都在公共场所通过它连接外网,这看似平常的行为缺隐藏着许多安全隐患。近期金立推出的M6/M6 Plus则是针对这种安全隐患所打造的安全手机,全方位保障用户资金安全。...
View ArticleClik here to view.
Jenkins Security Tutorial: DevOps Library E15
Introduction Welcome to the DevOps Library. In today’s lesson, we’re going to talk about securing Jenkins (including the difference between authentication and authorization ), how to set up different...
View ArticleIT Concerns Country to Country: Ponemon Institute Study
Varonis recently released the third and final part of a study about data protection and enterprise security with the Ponemon Research institute: Differences in Security Practices and Vigilance across...
View Article自主可控解决安全顽疾
当前,全球信息化进入全面深化和变革创新阶段,而与之相对应的信息安全问题也愈发突出。中国长城计算机深圳股份有限公司(简称长城电脑)积极应对产业形势,全面布局信息安全产业,与同为中国电子(中国电子信息产业集团有限公司简称)旗下的长城信息产业股份有限公司(简称长城信息)进行了整合重组,将中国电子优质的军工资产注入。整合后的公司将成为中国电子自主可控计算的重要载体,成为中国电子军民融合的信息安全重要平台。...
View ArticleClik here to view.
Executable Files, Old Exploit Kits Top Most Effective Attack Methods
Researchers for the new 'Hacker's Playbook' analyzed 4 million breach methods from an attacker's point of view to gauge the real risks today to enterprises. No organization is immune to the risk of a...
View ArticleClik here to view.
Vera Bradley is the latest retailer to fall victim to hackers, extent unknown
2016 has been a long year for retailers, with a number of them being relieved of customer data by hackers looking mostly for credit card information. Wendys, Eddie Bauer, Hard Rock Hotel and Casino Las...
View ArticleYahoo!’s Password Security - Anna Filina
I posted this tweet recently and gotmany replies.Since I wasanswering the exact same few questions dozens of times, I’d like tosummarize everything here. I will also add some new information that I...
View ArticleStop Thinking of Compliance as a Checkbox
Matt Ploessel Markley Group Matt Ploessel is a Security Architect for the Markley Group. There is no arguing that a company’s data is one of its most valuable assets, especially in the financial...
View Article装修公司老板雇黑客窃取同行客户信息被刑拘
装修公司老板雇黑客窃取同行客户信息被刑拘 1小时前来源:红网 市场竞争讲究公平、公正。竞争不过对手,一家名为雅筑装饰的装修公司竟然雇佣黑客,窃取同行的客户资源抢业务。昨日,开福区公安分局通报,因涉嫌非法获取公民个人信息,“雅筑装饰”女老板罗某及其下属4人被依法刑拘。 装修公司客户信息泄露...
View ArticleClik here to view.
这份外泄的黑客服务清单又要掀起一场腥风血雨
这份外泄的黑客服务清单又要掀起一场腥风血雨 3小时前来源:CodeSec php?url=0Eeq3aPTnr" alt="这份外泄的黑客服务清单又要掀起一场腥风血雨" />2014年的夏天,印度新德里一个不知名的承包商Aglaya公司正在默默努力着,试图在年收益高达50亿美元的外包政府监控市场和黑客服务市场中分一杯羹。...
View ArticleMirai源码分析报告
阅读: 2 物联网僵尸网络病毒“Mirai”在上月参与发起了针对KrebOnSecurity安全站点的大规模分布式DDoS攻击,新一类僵尸网络从各种容易被感染的物联网设备中发起,流量巨大防不胜防。“Mirai”可以高效扫描物联网系统设备,感染采用出厂密码设置或弱密码加密的脆弱物联网设备,被病毒感染后,设备成为僵尸网络机器人后在黑客命令下发动高强度僵尸网络攻击。本文针对Mirai源码进行详细分析。...
View ArticleClik here to view.
浅谈电商平台账户安全体系――注册&登录
账户安全在现今互联网环境下一直是一个备受关注的话题。账户安全体系对任何一个平台而言,在保障真实用户个人信息安全以及良好的平台体验层面有着不可分割的作用。本文作者就从业务层面浅谈一下账户安全体系,主要就目前所涉及的几个主要业务点进行分析。...
View ArticleClik here to view.
Python黑帽编程 4.0 网络互连层攻击概述
python 黑帽编程 4.0 网络互连层攻击概述 是时候重新温习下下面这张图了。 图 2 本章的内容核心包含上图中的网络层和传输层。 TCP/IP 是整个网络协议体系中的核心,因为从这里开始,数据传输从局域网迈向了广阔的互联网,我们的程序也有能力处理来自互联网的数据,可以直接对互联网上的主机进行攻击和测试。...
View ArticleIBM Redefines Security, Availability and Economics of Storing Data in the...
ARMONK, NY 13 Oct 2016:IBM (NYSE: IBM ) today is introducing a new cloud object storage service that redefines the security, availability and economics of storing, managing and accessing massive...
View ArticleIT Pros Have Little Confidence in Cloud Storage Security―But Use it Anyway
A good chunk of global IT pros (26%) lack confidence in their IT team’s knowledge of how to properly use cloud storage services, despite using a large number of public and private cloud storage...
View ArticleClik here to view.
New endpoint solution protects privileged access credentials
Credentials for privileged access accounts are a prime target for cyber attackers and they can often be stolen from vulnerable endpoints. Privileged account management specialist Thycotic is tackling...
View ArticleClik here to view.
Information Security Policies, Procedures, and Standards: A Practitioner’s...
Security policies are like fiber (the kind you eat, not the telco type). Everyone agrees they are important, but often don’t want to deal with it. Most organizations eventually realize there comes a...
View Article