ITCurated, Author at Cyber Security Minute

White House Cyber Chief Provides Transparency Into Zero-Day Disclosure Process

Issued by: Security Week

The U.S. government Wednesday introduced greater transparency into its Vulnerabilities Equities Policy (VEP) program. This is the process by which government agencies decide whether to disclose or stockpile the cyber vulnerabilities they discover. In a lengthy statement, White House Cybersecurity Coordinator Rob Joyce explained why not all discoveries are disclosed. That will not change; but in introducing greater transparency into…

Malware & Threats

Steganography: A Safe Haven for Malware

Issued by: Security Intelligence

Steganography, or the practice of concealing a file, message, image or video within another file, message, image or video, may be an older technique, but it continues to be an incredibly versatile and effective method for obscuring or hiding information in plain sight. In 2017, IBM X-Force has identified three different malware samples in network…

Network Security

Data Storage and Encryption Should Top the CISO’s To-Do List

Issued by: Security Intelligence

In today’s digitized world, data storage and encryption are surely top of mind for most chief information officers (CIOs). But given the increasing regulations and privacy implications surrounding data security, these measures should also be on the chief information security officer (CISO)’s agenda. Most organizations need to house massive amounts of data to comply with…

Vulnerabilities

Don’t Let a Retail Vulnerability Cause Holiday Havoc

Issued by: Security Intelligence

Retail data breaches have historically occurred during the holiday season. The high volume of transactions and management’s focus on sales and inventory distract attention from a potential retail vulnerability, exposing opportunities for cybercriminals to infiltrate point-of-sale (POS) systemsand online transaction streams.

Malware & Threats

Windows Defender Immune to AVGater Quarantine Flaw: Microsoft

Issued by: Security Week

A recently disclosed vulnerability that allows an attacker to abuse the quarantine feature of anti-virus products to escalate privileges doesn’t affect Windows Defender, Microsoft says. Dubbed AVGater, the new attack method relies on a malicious DLL being quarantined by an anti-virus product and then abuses the security program’s Windows process to restore the file.

Application Security

Privacy Fears Over Artificial Intelligence as Crimestopper

Issued by: Security Week

Police in the US state of Delaware are poised to deploy “smart” cameras in cruisers to help authorities detect a vehicle carrying a fugitive, missing child or straying senior. The video feeds will be analyzed using artificial intelligence to identify vehicles by license plate or other features and “give an extra set of eyes” to…

Malware & Threats

Hackers Helped Pentagon Patch Thousands of Flaws

Issued by: Security Week

Bug bounty programs and a vulnerability disclosure policy have helped the U.S. Department of Defense patch thousands of security holes in its systems. Nearly one year after it announced its vulnerability disclosure policy, the Pentagon received 2,837 valid bug reports from roughly 650 white hat hackers located in 50 countries around the world, according to…

Malware & Threats

How To Beat Cybercrime’s Prey-and-Pay Villains

Issued by: CSO

Cybercrime pays, so much so that successful cybercriminals now run their operations like a business, complete with technical support centers, in-house training, and HR. To protect your digital assets, you need to approach your cybersecurity like a business, and not as a one-time point solution that is bolted onto existing infrastructures, programs, and procedures.

Network Security

This Week in Security News

Issued by: Trend Micro Blog

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for…

Malware & Threats

Top digital transformation challenges? Cybercrime and espionage

Issued by: Help Net Security

In Frost & Sullivan’s recent survey covering end-user perspectives on navigating digital transformation, 54 per cent of IT professionals cited cybercrime and espionage as their top challenges, followed by systems integration. Other noteworthy findings include significant IT investment in productivity, improving digital presence, as well as communications/collaboration tool integration with other business software (Microsoft Office, Google-G-suite,…