Computer Security Tip of the Day
December 12th
Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
SANS Institute - IT Security Whitepapers
December 11th
Learn how to strike a balance between security alerts that can be automated with minimal impact and the higher-risk alerts that need to be handled by analysts.
December 5th
Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission. Currently, …
December 4th
Attackers routinely use evasion to evade baseline anti-malware tools and ultimately compromise endpoints. How can enterprises prevent such intrusions without relying on after-the-fact detection? This paper explores a unique approach to preventing evasive …
December 4th
Remote access control in many ICS-SCADA environments is of limited effectiveness leading to excessive privilege for staff who have responsibilities bounded by region, site, or device. Inability to implement more restrictive least-privilege access controls…
December 4th
This paper explores ways to foster cooperation between Security and Operations groups for better visibility into threats and threat pathways, while improving overall protection and network hygiene.
Dark Reading Security News
December 12th
Oracle updates its Identity SOC and management cloud with security tools to verify and manage users trusted with access to cloud-based data and applications.
December 9th
Identity access management and security services to drive worldwide spending growth.
November 18th
The canary in the coalmine died 12 years ago, the law went into effect 19 months ago, but many organizations still won't be ready for the new privacy regulations when enforcement begins in May.
November 16th
By their very nature, antiquated, static identifiers like Social Security numbers and dates of birth are worse than passwords.
November 9th
Hotels and restaurants are in the criminal crosshairs this year.
New Security Threats
December 13th
A ransomware campaign targeting the Balkans comes with a 96-hour deadline and includes a link to a video that assures victims payments can be made easily.
December 12th
Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology.
December 12th
HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger.
December 9th
An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps.
December 9th
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.