Month: December 2017

Network Security

Issued by: Security Intelligence

Rinse, Wash, Repeat: Defining, Planning and Continuously Improving Your SIEM Strategy

Designing your security information and event management (SIEM) strategy can be very challenging, particularly in complex environments that depend on many systems and stakeholders. For security leaders, it may seem as though this work is never complete. Indeed, maintaining an effective SIEM program requires a cyclical approach of reviewing business objectives, planning detection and response…

Network Security

Issued by: Security Intelligence

Transform Your Security Strategy to Avoid Digital Roadblocks

If you are a chief information security officer (CISO) in a midsized or large organization, you might be familiar with this problem: The marketing department just launched a campaign and is collecting customer information on an unverified partner system. In addition, another business unit is launching a digital sales channel and has established its own…

Network Security

Issued by: Black Duck

Taking a Look at Black Duck Hub in 2017

Randy Kilmon, VP of Engineering at Black Duck Software, takes a look back at the enhancements and improvements we’ve made to Black Duck Hub over the last 365 days based on the feedback we’ve gotten from our customers. One of my favorite improvements we did this year was Hub Detect. It made it a lot…

Network Security

Issued by: Security Intelligence

In Case of Emergency, Break Glass: Protecting User Credentials in the Event of a Data Breach

There have been countless cyberbreaches over the past few years in which personal data, such as user IDs and passwords, have been compromised. These range from attacks against government agencies, such as two recent incidents affecting the national identity systems in Spain and Estonia, to corporate breaches exposing data belonging to millions of customers. In…

Vulnerabilities

Issued by: Security Week

Nissan Canada Informs 1.1 Million Customers of Data Breach

Nissan Canada revealed on Thursday that the personal information of some customers may have been compromised as a result of a data breach discovered by the company on December 11. The incident affects individuals who have financed their vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada. The exact number of impacted customers…

Vulnerabilities

Issued by: Security Week

Windows Hello Face Recognition Tricked by Photo

The facial recognition-based authentication system in Windows Hello has been bypassed by researchers using a printed photo, but the method does not work in the latest versions of Windows 10. Windows Hello, a feature available in Windows 10, allows users to quickly and easily log into their devices using their face or fingerprints. The face…

Application Security

Issued by: Security Week

Facebook Launches New Anti-Phishing Feature

Facebook announced on Wednesday the introduction of a new security feature designed to help users check if the emails they receive are legitimate or if they have been sent by cybercriminals. When it detects a suspicious login attempt or a password change, Facebook notifies users by sending them an email from the Facebookmail.com domain. Cybercriminals…

Malware & Threats

Issued by: Help Net Security

Exploits and fileless malware drive record new malware surge

McAfee released its McAfee Labs Threat Report: December 2017, examining the growth and trends of new malware, ransomware, and other threats in Q3 2017. McAfee Labs saw malware reach an all-time high of 57.6 million new samples – four new samples per second – featuring developments such as new fileless malware using malicious macros, a…