Threat Intelligence |
Sponsored by |
2016 broke the previous all-time high, set back in 2013, for the number of records exposed from reported data breaches. more
Many organizations are struggling to overcome key conceptual differences between today's AI-powered threat detection systems and legacy signature detection systems. A key friction area -- in perception and delivery capability -- lies with the inertia of Indicator of Compromise (IoC) sharing; something that is increasingly incompatible with the machine learning approaches incorporated into the new breed of advanced detection products. more
In Part 1 of "Bug Bounty Programs: Are You Ready?" we examined the growth of commercial bug bounty programs and what organizations need to do before investing in and launching their own bug bounty. In this part, we'll discuss why an organization needs to launch a bug bounty program, and what limits the value they will likely extract from such an investment. more
Distributed Denial of Service is a big deal -- huge pools of Internet of Things (IoT) devices, such as security cameras, are compromised by botnets and being used for large scale DDoS attacks. What are the tools in hand to fend these attacks off? The first misconception is that you can actually fend off a DDoS attack. There is no magical tool you can deploy that will allow you to go to sleep every night thinking, "tonight my network will not be impacted by a DDoS attack." more
The premise of crowdsourcing the task of uncovering new bugs and vulnerabilities in an organization's web applications or consumer products sounds compelling to many. What's not to like with the prospect of "many eyes" poking and prodding away at a corporate system for a minimal reward -- and preemptively uncovering flaws that could have been exploited by hackers with nefarious intent? more
Despite widespread concern about the security of mobile and Internet of Things (IoT) applications, organizations are ill-prepared for the risks they pose, according to a research report issued today from Ponemon Institute, IBM Security, and Arxan Technologies. more
The Canadian Security Intelligence Service (CSIS) is reported to have warned companies about an increasing risk of cyber espionage and attacks on pipelines, oil storage and shipment facilities. more
A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack, according to Ukraine's National power company, Ukrenergo which hired investigators to help it determining the cause. more
Transition spokesman Sean Spicer told reporters today that former New York City Mayo, Rudy Giuliani will "chair" the cyber task force that Trump announced last Friday. The task force is given three months from Trump's inauguration to deliver a cybersecurity plan. more
Did you know that over 50% of .CZ domains are now signed with DNS Security Extensions (DNSSEC)? Or that over 2.5 million .NL domains and almost 1 million .BR domains are now DNSSEC-signed? Were you aware that around 80% of DNS clients are now requesting DNSSEC signatures in their DNS queries? And did you know that over 100,000 email domains are using DNSSEC and DANE to enable secure email between servers? more
As of January 1, the delivery of ransomware is illegal in California as per Senate Bill 1137 going into effect. more
The Federal Trade Commission is challenging the public to create an innovative tool to help protect consumers from security vulnerabilities in the software of home devices connected to the Internet of Things. more
President-elect Donald J. Trump has named Thomas P. Bossert, a top national security aide under President George W. Bush, to be his homeland security adviser, the Trump transition team announced Tuesday morning," Michael D. Shear reporting in the New York Times. more
The oft used term "the Internet of Things" (IoT) has expanded to encapsulate practically any device (or "thing") with some modicum of compute power that in turn can connect to another device that may or may not be connected to the Internet. ... The information security community -- in fact, the InfoSec industry at large -- has struggled and mostly failed to secure the "IoT". This does not bode well for the next evolutionary advancement of networked compute technology. more
"Beijing vowed on Tuesday to use all necessary means, including military ones, to wipe out subversion and attempts to undermine its sovereignty in cyberspace," Zhuang Pinghui reporting in South China Morning Post. more