Image Our new weekly security roundup series covers the week’s trending topics in the world of information security. In this compilation, we’ll let you know of the latest announcements, reports and controversies that the industry has been talking about recently. Here’s what you don’t want to miss from the week of July 27, 2015: A...

Image Black Hat USA – one of the most anticipated security events of the year, and recently ranked among our top information security conferences – returns to Las Vegas this August for its 18th year. With an expected 9,000 attendees, this year's conference will offer over 100 briefings on the latest and most innovative security...

Image "Honey... Did you make sure you locked the basement door and activated the security system? I can't wait to get to the Big Rock Campground, the kids are going to love the waterslide..." Sound familiar? The majority of new homes today have some sort of physical security system protecting the property while the family is away, but...

Image Yahoo announced that it has paid security researchers one million dollars as part of its bug bounty program. According to a post written by Ramses Martinez, Senior Director and Interim CISO at Yahoo, the company's bug bounty program, which The State of Security named one of our 11 Essential Bug Bounty Programs in 2015, has shown...

Image The hardware used in both the Internet of Things (IoT) and Industrial Control Systems (ICS) have many similarities; both often involve older systems incapable of running detection tools or monitoring agents due to outdated operating systems, resource limitations, proprietary systems and odd protocols such as Modbus and DNP3,...

Image The Domain Name System (DNS) is a hierarchical system that assigns names to computers, resources and services connected to the web. It is responsible for relating information associated with each Internet-based entity to a domain name. As such, DNS is an essential tool for organizing the web. In the wrong hands, however, it can...

Image Apple has patched an application-side input validation web vulnerability in iTunes and the App Store that allowed attackers to inject malicious code into user invoices. The vulnerability received a 'High' severity level and a CVSS rating of 5.8. It allows for session hijacking, persistent phishing attacks, and other malicious...

Image In Part 1, I discussed several important elements to landing a hands-on security gig, including passion and having the skills to pay the bills. Now, I’ll continue to guide you through various other essentials that could impact your career. Tools vs. Knowledge A good security analyst understands how various tools work, along...

Image We all know that there's a problem with passwords. Most internet users are careless when choosing passwords - either re-using the same passwords they've used elsewhere or making them too easy to crack. And if they're not guilty of that mistake, there's always the chance that their computers are infected with spyware watching...

Image Darkode, one of approximately 800 underground web forums, has resurfaced just two weeks after international law enforcement shut the site down. The takedown, known as "Operation Shrouded Horizon," began two years ago under the auspices of the Federal Bureau of Investigation's office in Pittsburgh, Pennsylvania. It eventually...

Image A politically motivated hacking group who calls themselves 3301, appears to have compromised the website of Planned Parenthood. The politically motivated attack appears to have taken advantage of a vulnerability in an outdated version the Concrete5 website content management system. The group was not able to access the file...

Image I have been involved in the hiring process for our Security Operations Center (SOC) for about a year and a half. Throughout this time, I have reviewed resumes, conducted phone screens, and participated in the technical interviewing process. I have been both dumbfounded by the audacity of some individuals and amazed by the sheer...

Image The security breach that hit the U.S. Office of Personnel Management (OPM) has many people demanding answers as to how something so egregious could happen at such an important office. Some reports indicate that as many as 35 million federal employees’ records were exposed in the cyber attack, with some of the data coming from as...

Image The Internet of Things is gradually but very surely creeping in to impact every sphere of modern life. And that goes as much for people as for business, as much for new industries as for incumbent sectors. This network of physical objects has the ability to play havoc with security and is significantly increasing the challenge...

Image Welcome to our new blog series, covering the week’s trending topics in the world of information security. In this quick news roundup, we’ll let you know of the latest research, reports and discussions that the industry has been talking about recently. Here’s what you don't want to miss from the week of July 24, 2015: Adultery...

Image While the national transition to Europay, MasterCard and Visa, known as EMV or “Chip and PIN,” is well underway, a recent study found that as many as 42 percent of companies have either taken no steps or are unaware of any progress being made to meet the October 1, 2015, deadline. The EMV readiness study conducted by Randstad...

Image 419 scams are one of the oldest and most common tricks used by fraudsters to extort money from online users. These schemes promise victims a large sum of money in exchange for a small upfront payment. In this sense, ploys, such as the Nigerian Prince scam, resemble social engineering attacks to the extent that they rely less on...

Image In September of 2014, private photos of a number of celebrities, including Kate Upton and Jennifer Lawrence, were leaked onto the image-based bulletin board 4chan. It was soon discovered that this leak occurred as a result of a brute force attack against Apple's iCloud, which until then had not limited the number of login...

Image In the financial industry, business success and sustainability depends on the health of information systems. Damage to a firm’s information systems can tarnish its reputation, compromise its data, as well as result in legal fines and penalties. Large firms often depend on thousands of such systems interconnected via the internet...