Application Security

Issued by: CIO Security

RASP rings in a new Java application security paradigm

Runtime Application Self Protection (RASP) is a next-generation cyber security technology designed to redress some of the weak points of application security. Unlike firewalls or code analysis, runtime-based technologies contain application data and contextual awareness, enabling them to be both precise and preemptive. In this article I introduce RASP. I’ll briefly compare RASP to other…

Cloud Security, Network Security

Issued by: Security Week

From Chasing Alerts to Hunting Threats: What Makes an Effective SOC is Evolving

Whether you call it a SOC, a CSOC, a Cyber Defense Center, or something else, security operation centers have the same fundamental mission – to help organizations detect, analyze, respond to, report on, and prevent cyber security incidents. But what it takes to do that effectively has changed in this ever-evolving threat landscape, putting an…

Malware & Threats

Issued by: Security Week

Sarvdap Spambot Checks IP Blacklists

The Sarvdap spambot was recently observed checking the IP addresses of infected hosts against common blacklists, in an attempt to ensure that its spam email is successfully delivered, Palo Alto Networks security researchers reveal. While other spambots typically start sending spam emails as soon as a host has been infected, Sarvdap first checks to see…

Vulnerabilities

Issued by: Security Week

“Dirty COW” Linux Kernel Exploit Seen in the Wild

A new Linux kernel vulnerability disclosed on Wednesday allows an unprivileged local attacker to escalate their privileges on a targeted system. Red Hat said it was aware of an exploit in the wild. The vulnerability, discovered by Phil Oester, was sarcastically dubbed by some people “Dirty COW” due to the fact that it’s caused by…

Cloud Security, Mobile Security

Issued by: Dark Reading

Why Poor Cyber Hygiene Invites Risk

Organizations around the world are implementing mobility, cloud computing, the Internet of Things (IoT), business intelligence, and social media technologies at breakneck speeds in order to remain competitive and relevant in today’s digital economy. However, with the rapid implementation of these technologies, new weak spots are emerging for attackers to exploit. And those adversaries are…

Malware & Threats

Issued by: Help Net Security

Hacking 3D manufacturing systems demonstrated by researchers

Researchers from three universities combined their expertise to demonstrate the first complete sabotage attack on a 3D additive manufacturing (AM) system, illustrating how a cyber attack and malicious manipulation of blueprints can fatally damage production of a device or machine. In their paper titled “Dr0wned,” researchers from Ben-Gurion University of the Negev (BGU), the University…

Network Security

Issued by: Security Intelligence

Mainframe Security: An Easy and Intuitive Access Security Model

Mainframe security is simple to understand and extremely intuitive to apply. Some might find it hard to believe that the mainframe security model can be easily integrated with other platforms and applications. As everyone in the IT industry knows, a system’s security level depends strictly on the possibility of attacks from unknown and unplanned access….