Risk Management August 10, 2017 Eight Myths Not to Believe About Penetration Testing 3 min read - Penetration testing can help organizations across all industries identify vulnerabilities before cybercriminals have a chance to exploit them.
Risk Management August 9, 2017 Assessing Risks and Remediating Threats With a Layered Approach to Vulnerability Management 4 min read - For many companies, vulnerability management still amounts to an ongoing game of whack-a-mole to identify and remediate threats.
August 7, 2017 GitPwnd Shows How Threat Actors Could Hijack Git Repositories in Software Development 2 min read - Researchers have created a tool that uses Git repositories to demonstrate how Agile and other software development approaches could have security issues.
CISO August 4, 2017 Hire a Team of Hackers to Identify Vulnerabilities 3 min read - Many companies have adopted the practice of recruiting a team of hackers to poke holes in their networks and assess their incident response capabilities.
August 4, 2017 DOJ Issues Framework for Vulnerability Disclosure Programs 2 min read - The Department of Justice (DOJ) offered guidance on vulnerability disclosure programs, which will assist organizations in navigating legal issues.
August 1, 2017 Controller Area Network (CAN) Vulnerability Puts Vehicles at Risk 2 min read - A Controller Area Network (CAN) Bus standard vulnerability could impact the security of connected automobiles and other products.
July 31, 2017 Nuclear Power Plants at Risk Due to Radiation Monitoring Flaws 2 min read - Researchers discovered unpatched vulnerabilities in radiation monitoring devices (RMDs) that attackers could leverage to breach nuclear power plants.
CISO July 26, 2017 Psychological Security: Helping Your Team Think Like Cybercriminals 2 min read - Psychological security refers to the notion that to defend a network against threats, security professionals must be able to think like cybercriminals.
July 20, 2017 Samba Vulnerability Exposes NAS Devices to SHELLBIND Malware 2 min read - The SHELLBIND Trojan exploits a recently patched Samba vulnerability to steal data from connected network-attached storage (NAS) devices.
July 20, 2017 Google Adds Verification Screens for Plugins Following Phishing Attacks 2 min read - Google is rolling out a number of protections to combat phishing attacks through plug-ins. These verification steps will help users practice due diligence.