Blogs

Showing Blog Posts: 1–10 of 99 tagged Hackers and Threats

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Hate Crimes in Cyberspace

    by Ben Rothke on October 14, 2014

    It’s said that criminal lawyers see bad people at their best, and divorce lawyers see good people at their worst. At times, the Internet seems to bring out the bad in all types of people. In Hate Crimes in Cyberspace, a fascinating book just out, author Danielle Keats Citron details many incidents where unsuspecting and ordinary people suddenly found themselves under direct attack in the form of…

  • Effective Strategies for Information Protection

    by Robert Moskowitz on October 14, 2014

    The fact that more than one user in different locations may require simultaneous access to the confidential information used in different applications makes it difficult to protect the information from a wide variety of threats. Identifying Threats Protection is more than controlling access. It's also about preventing unauthorized release, unauthorized modification, and unauthorized denial of…

  • Threats and Risk Management: Protect Your IP From Computer Hacking

    by Christopher Burgess on October 10, 2014

    There isn't a company in existence that doesn't have trade secrets and intellectual property worth protecting. The threats may come from computer hacking or from careless end users not paying attention to processes and procedures. One does not exclude the other. Poor cyber-hygiene makes the likelihood of systems and device compromises a real possibility. Tim Mather of Cadence Design Systems…

  • Security Risks: Mitigating the Human Element

    by Christopher Burgess on September 30, 2014

    Logs, logs, and more logs: They bury our sys admins charged with protecting our networks. The larger the company, the more data there is to process. Sorting out the false positives from those requiring immediate attention is key. We can do this by focusing on what our users are doing. We are all thankful for the plethora of tools that allows us to consume the myriad of logs and help us, the mere…

  • Take Steps to Deal With Bash Bug "Shell Shock" Now

    by Fahmida Y. Rashid on September 25, 2014

    It’s bad enough that many IT security teams are still dealing with the effects of the Heartbleed vulnerability in OpenSSL, but now they also have to handle Shell Shock, a vulnerability in the widely used command interpreter Bash. The flaw is present in how Bash sets environment variables and allows attackers launch remote code injection attacks to hijack the vulnerable machine. Threatpost does a…

  • Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware

    by Ben Rothke on September 22, 2014

    Targeted cyber attacks are for the most part the same as an APT (advanced persistent threat). It was last year’s report on APT1 from Mandiant that brought this important information security topic to the forefront. In Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware, authors Aditya Sood and Richard Enbody write that there are a few different definitions of what a…

  • The Once and Future Network Security Appliance

    by John Linkous on September 16, 2014

    In the early 2000s, the network security appliance became ubiquitous. Beginning with Web application firewalls (WAFs), and eventually extending through all seven layers of the network model, security appliances were being popped into server racks like candy. "Need to filter spam? There's an appliance for that!" "Do you want to analyze the flow data generated on your firewalls? There's an…

  • Architecting the Cloud: Design Decisions for Cloud Computing Service Models

    by Ben Rothke on September 8, 2014

    Most books about cloud computing are either extremely high-level quasi-marketing tomes (sometimes written by cloud vendors) about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. The other type of cloud books are highly technical references guides, that provide technical details, but for a limited audience. In Architecting…

  • Mobile Device Management and the Ubiquity of Mobile Authentication

    by John Linkous on September 2, 2014

    We all know that mobile devices are rapidly becoming an absolutely indispensable component of the online world. , This makes mobile device management even more critical, regardless of who is managing the device: a large enterprise, a small business, or just you. Online banking and other sites require a mobile device in order to send a one-time password to authenticate transactions. Smartphone…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 23 Oct 2014 11:05:01 -0400.
© 2014 EMC Corporation. All rights reserved.