November 2016 - Page 7 of 11 - Cyber Security Minute

How to protect your marketing team amidst security threats

Issued by: CIO Security

Unfortunately, businesses have never been more exposed to threats of cyber-attacks than now. As more and more information is shared online, hackers are enhancing their efforts and targeting vulnerable businesses. The good news is that there are also more security solutions available than ever before. By implementing them in the appropriate manner, you can keep…

Application Security

Yahoo investigating if insiders knew of hack

Issued by: CIO Security

Yahoo said investigators were looking into the possibility that some people within the company knew at the time about the late 2014 theft of information of at least 500 million user accounts. Law enforcement authorities on Monday also “began sharing certain data that they indicated was provided by a hacker who claimed the information was…

Vulnerabilities

Tesco Bank hack shows that attackers continue to follow easy money

Issued by: Help Net Security

What happens when nearly 9,000 accounts at a financial institution experience fraudulent activity and clients have nearly £2.5 million stolen? People notice. The bank notices and shuts down activity, raising a chilling question for financial institutions: “Is this the new normal for banking in the age of cyber crime?” As we continue to learn more…

Software Security

Best Practices for using Splunk Enterprise for compliance

Issued by: Splunk

I have listed these best practices below in table format with more detail on the “why” then what is in the session slides. It’s more around “I need to measure technical controls in Splunk” versus “I want to use Splunk for general threat detection/response”, even though the latter typically is a part of compliance. Credit…

Software Security

The 7 Types Of Security Jobs, According To NIST

Issued by: Dark Reading

Making sense of the complex. That’s what NIST’s National Initiative for Cybersecurity Education (NICE) aims to do in developing the draft NICE Cybersecurity Workforce Framework (NCWF). Bill Newhouse, NICE deputy director and lead author of the draft document, said in developing the NCWF, NIST synthesized the diverse field of cybersecurity by identifying seven categories of…

Malware & Threats

Increasing number of financial institutions falling prey to cyber attacks

Issued by: Help Net Security

66.2 percent of financial organizations faced at least one cyber-security attack in the last year, according to MetricStream Research. The report, based on a survey conducted in July 2016, features the perspectives of C-level information security professionals in over 60 banking and financial services firms across the globe. The respondents represented financial enterprises of multiple…

Application Security

The November 2016 Security Update Review

Issued by: Trend Micro Blog

Adobe released two updates this month. The more critical of the two patches addresses nine CVEs in the Flash player. This comes just two weeks after Adobe issued an emergency Flash update to fix an issue currently being exploited. We’ll see this exploit later in a Windows update, too. Today’s Flash update is not being…

Malware & Threats

7 steps to start a bug bounty program

Issued by: CSO

Vulnerability assessment and identification strategies have evolved to include the concept of crowd sourced security testing through bug bounty programs. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has just begun to take off within the last few. The bug bounty path, paved by tech giants, is…

Software Security

Getting Primed to Adopt Cognitive Security Solutions

Issued by: Security Intelligence

President Barack Obama recently sat down for an interview on emerging technologies with Wired Magazine. “Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls,” he said. “Increasingly, I find myself looking to medicine and thinking about viruses, antibodies … It means that we’ve got to think differently…

Malware & Threats

Phishing Scams as a Service? Thieves Make It Easier To Steal Passwords

Issued by: CSO

It used to be that hacking required technical prowess to create malware. Now it’s becoming possible for non-technical people with criminal intent to create a malware attack, and these service providers are making it easy. These types of attacks are being offered as malware as a service. It allows malware developers to sell their malicious…