Blogs

Showing Blog Posts: 1–10 of 179 tagged Cybersecurity

  • Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door.

    by Ben Rothke on December 8, 2014

    There are really two stories within Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door. The first is how Brian Krebs uncovered the Russian cybergangs that sent trillions of spam emails for years. As interesting and compelling as that part of the story is; the second storyline is much more surprising and fascinating. Along with George V. Hulme and Steve…

  • Latest Guidelines for Malware Detection

    by Robert Moskowitz on November 28, 2014

    Today's malware brings a wide range of threats that—without proper detection and defense—can wreak havoc on any computer system. While various kinds of malware can get onto your system via the original manufacturer, information-seeking government agencies, and covert infiltrators, the vast majority of malware still comes over the Internet as software downloads. Deceptive Downloads Because a…

  • Bulletproof SSL and TLS

    by Ben Rothke on November 24, 2014

    If SSL is the emperor’s new clothes, then Ivan Ristic in Bulletproof SSL and TLS has shown that perhaps the emperor isn't wearing anything at all. There is a perception that if a web site is SSL secured, then it’s indeed secure. Read a few pages in this important book, and the SSL = security myth is dispelled. For the first 8 of the 16 chapters, Ristic, one of the greatest practical SSL./TLS…

  • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

    by Ben Rothke on November 10, 2014

    A word to describe Takedown: The Pursuit and Capture of America's Most Wanted Computer Outlaw was hyperbole. While the general storyline from the 1996 book was accurate, filler was written that created the legend of Kevin Mitnick. This in turn makes the book a near work of historical fiction. Much has changed in nearly 20 years and Countdown to Zero Day: Stuxnet and the Launch of the World's First…

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

  • Network Security Appliance: Build or Buy?

    by Joshua Marpet on October 29, 2014

    Monitoring your network can be a seriously unpleasant task. It involves everything from maintaining firewall rules, watching traffic, looking for problems, keeping track of the latest issues on the Internet, checking log data on the dashboard, correlating events—oh dear God, it keeps going! So, what do you do? Do you use a myriad of tools, stitch them together with some scripting, document the…

  • A Whole New Way to Spot Malware Before It Spots You

    by Robert Moskowitz on October 28, 2014

    Enterprise networks still rely on antivirus software and blacklists to keep known malware at arm's length. But researchers suggest another approach, one which promises to spot a dangerous piece of code before it shows up on a list somewhere. This form of detection doesn't look for malicious code, but for malicious networks communicating with that code. Internet service providers, and any…

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Cyber Security Awareness Month: Engage Your Users

    by Fahmida Y. Rashid on October 21, 2014

    Security professionals should take advantage of Cyber Security Awareness Month to spotlight security initiatives within their organization. Use this month to get the board and C-suite to think about security. This is also a good time to demystify security for your end users. The Department of Homeland Security has conducted a series of events every year in October since 2004 to improve security…

  • Effective Strategies for Information Protection

    by Robert Moskowitz on October 14, 2014

    The fact that more than one user in different locations may require simultaneous access to the confidential information used in different applications makes it difficult to protect the information from a wide variety of threats. Identifying Threats Protection is more than controlling access. It's also about preventing unauthorized release, unauthorized modification, and unauthorized denial of…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 19 Dec 2014 04:24:12 -0500.
© 2014 EMC Corporation. All rights reserved.