Category: Security Boulevard

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Appsec Village, Rafael Santos’ ‘huskyCI: Finding Flaws in…

Read more →

When a client calls us to pentest a web application that is only available in Internet Explorer. I cringe. I don’t know if it’s flashbacks from the countless hours spent getting a website compatible with IE, or the trauma from…

Read more →

Introduction to TCP The Transmission Control Protocol (TCP) is one of the most commonly-used protocols on the internet. Unlike the User Datagram Protocol (UDP), TCP is not a “fire and forget”… Go on to the site to read the full…

Read more →

Authentic8, maker of Silo, the leading web isolation platform for commercial and government organizations, is now ‘In Process’ for FedRAMP authorization. The post Authentic8 Completes FedRAMP ‘In Process’ Authorization Milestone appeared first on Security Boulevard.   Advertise on IT Security…

Read more →

Today, businesses everywhere are investing in infrastructure to support growth – whether that’s moving to the cloud or automating tasks and processes.  However, the newly introduced devices, application stacks and accounts that come with this… The post Busting Top Myths…

Read more →

Windows 10 devices are widely popular in enterprises as well as educational organizations. Windows Operating System still holds up the majority of the market share for desktops. Thanks to user familiarity, Windows desktops are here to stay.  As Windows 10…

Read more →

Introduction As modern shoppers, their expectations and mobile technologies are constantly evolving, the payments industry with newer techniques cannot fall behind. The role of the mobile point of sale is undeniable in the contemporary shopping/purchase journey scenarios. Ideally, an mPOS…

Read more →

Entities that make cloud services work together also pose a security risk. Here are four worth considering At the average-sized company today, employees use hundreds of different cloud services. All of these apps integrate with each other using APIs, roles…

Read more →

Iran vowed revenge after a U.S. airstrike ordered by President Donald Trump killed the country’s top general Qasem Soleimani earlier this month. While recent missile strikes conducted by Iran against U.S. bases in Iraq was the first public move to…

Read more →

IT organizations can automate macOS Catalina patch management to streamline operations while maximizing security. Find out how to do so here. The post macOS Catalina Patch Management appeared first on JumpCloud. The post macOS Catalina Patch Management appeared first on…

Read more →

Article by Bernard Parsons, CEO, Becrypt Whether it is an EPOS system at a fast food venue or large display system at a public transport hub, interactive kiosks are becoming popular and trusted conduits for transacting valuable data with customers.…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Appsec Village, YanYan Wang’s ‘Automate Pen Testing In…

Read more →

Application whitelisting or blacklisting is crucial on enterprise devices to ensure that the productive employee time is not wasted on non-work applications. As digital transformation is embraced by enterprises, by and large, having devices with unlimited access to entertainment apps…

Read more →

via Luke Kingma and Lou Patrick-Mackay at Futurism Cartoons Permalink The post Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Wandering CPU’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: Luke Kingma’s & Lou…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Red Team Offensive Village, Casey (3ndG4me) Erdmann’s ‘BadSalt…

Read more →

Security researchers say healthcare providers are failing to secure mind boggling amounts of highly sensitive patient medical data. The post Billions of Medical Images Leaked in Huge Privacy Puzzle appeared first on Security Boulevard.   Advertise on IT Security News. Read…

Read more →

  At ForgeRock, we’re expanding the ease of use of our ForgeRock Identity Platform. Now, if you have ForgeRock Access Manager (AM), Identity Manager (IDM), and Directory Service (DS), your developers can take advantage of our new open source SDKs…

Read more →

There is great urgency to address security issues and protect the sanctity of our upcoming elections. In 2018, the federal government made available $380M in new funding for states to update the security of their election systems, but the reality…

Read more →

The new year is upon us, which means new challenges and new opportunities. What does the future hold for IT and security? Will there be better integration and broader adoption of new technologies, or will we continue to struggle with…

Read more →

New research estimates, after all the breach data, is tallied, that by the end of 2019, healthcare-related data breaches will cost the industry $4 billion, and respondents to a recent survey expect those numbers to only increase in the year…

Read more →

Chief information security officer, or CISO for short—it’s a very popular title lately, being added to C-suites at companies of all sizes. It seems corporate boards feel a company isn’t considered serious if it doesn’t have a CISO or similarly…

Read more →

In episode 103: The US Department of Homeland Security warns of Iranian cyber-attacks, Ring gets hit with a $5 million dollar class action lawsuit, and some quick tips on how to prevent calendar SPAM. ** Show notes and links mentioned…

Read more →

via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Haas at Little Bobby Comics. The post Robert M. Lee’s & Jeff Haas’ Little Bobby Comics ‘Data Classification Fail’ appeared first on Security Boulevard.   Advertise on IT Security…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Red Team Offensive Village, Nathan Sweaney’s ‘Casting With…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Red Team Offensive Village, Chris McCoy’s ‘Through The…

Read more →

The prevalence of migration to the cloud highlights the catch-22 of cybersecurity: the security vs. convenience tradeoff. But it doesn’t have to be this way. The post How to Rein In Your Unmanaged Cloud in 4 Steps appeared first on…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Red Team Offensive Village, Adrian Sanabria’s ‘Red Team…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Red Team Offensive Village, Charles Herring’s ‘Breaking NBAD…

Read more →

On the first Monday of 2020, CNBC reported that “city governments, agencies and companies from coast to coast are on high alert for ramped up cyber activity possibly emanating from Iran. …” And that was just the start of a…

Read more →

via the comic delivery system monikered Randall Munroe at XKCD! Permalink The post XKCD ‘Star Wars Voyager 1’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: XKCD ‘Star Wars Voyager 1’

Read more →

Google Cloud Identity Premium extends identities used for Google services to third-party web applications. It also has some MDM features. The post Is Google Cloud Identity Premium Right for Your Org? appeared first on JumpCloud. The post Is Google Cloud…

Read more →

Ransomware and Data Exfiltration are being combined to further complicate the lives of victims. How will this new development shake out? The post The Marriage of Data Exfiltration and Ransomware appeared first on Security Boulevard.   Advertise on IT Security…

Read more →

Checking My 2010 Security Predictions in 2020!   Advertise on IT Security News. Read the complete article: Checking My 2010 Security Predictions in 2020!

Read more →

If Azure AD is not your organization’s best choice for extending Active Directory to the cloud, here are a few alternative solutions. The post How to Extend Active Directory to the Cloud without Azure appeared first on JumpCloud. The post…

Read more →

As IT admins evaluate AWS Cloud Directory, pricing is a leading concern. Let’s break down their pricing model and how it compares to functionality. The post AWS Cloud Directory Pricing appeared first on JumpCloud. The post AWS Cloud Directory Pricing…

Read more →

The CMMC model has five defined levels, each with a set of supporting practices and processes. Practices range from Level 1 (basic cyber hygiene) and to Level 5 (advance/progressive). […] The post Cybersecurity Maturity Model Certification (CMMC) Levels appeared first…

Read more →

Simply Astonishing… The post Federally Funded Android Phones Contain Non-Removable Malware: The Government Cheese Of Mobile Devices appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: Federally Funded Android Phones Contain Non-Removable Malware: The…

Read more →

The FCC is paying Sprint, in the guise of “Assurance Wireless,” to hand out Unimax Android phones infested with malware. The post FCC Subsidized Sprint Phones Have Malware Preinstalled appeared first on Security Boulevard.   Advertise on IT Security News.…

Read more →

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech® Permalink The post The Joy of Tech® ‘Spaceship Streaming’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: The Joy of Tech® ‘Spaceship Streaming’

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Bio Hacking Village, Turtle Snap’s ‘Malware And Biology’…

Read more →

In the past, technology was a topic of discussion primarily among engineers and scientists. Debates would erupt over technology, but they were confined to esoteric conferences, labs or lecture halls. Our connected world has changed all that. Now it’s not…

Read more →

Recent investigations by Bitdefender security researchers revealed an attack tactic that could be considered fileless, from an endpoint perspective. Abusing the RDP protocol, in the sense that attackers already have legitimate RDP (Remote Desktop Protocol) credentials, means they can set…

Read more →

 Although today much of the internet traffic is encrypted, attackers can still exploit it. While the need to examine encrypted traffic is obvious, the way to carry out decryption often remains a conundrum. Decrypting traffic can introduce performance bottlenecks and…

Read more →

Armis, a provider of a service through which organizations can discover devices connected to their networks and assess the level of risk they represent, has been acquired by Insight Partners for $1.1 billion in cash. Company CTO Nadir Izrael said…

Read more →

In our 2020 Trends blog, Imperva CTO Kunal Anand predicts that fully automated processes will make compliance more rapid and less expensive. As businesses incorporate security into software development lifecycles (SDLC), continuous integration-continuous deployment (CICD) processes will reduce risk and…

Read more →

Professor Peter Thomas Kirstein, CBE, FREng, DSc, FBCS, FIET, Flnstp (June 20, 1933 – January 8, 2020) was a British computer scientist who played a role in the creation of the Internet. He put the first computer on the ARPANET…

Read more →

The Easiest Questions are Sometimes the Hardest to Answer Are your products secure? Today, this is the question on everyone?… The post This is Why Keeping Products Secure Is Everyone’s Problem appeared first on ZeroNorth. The post This is Why…

Read more →

With tensions escalating on the global political front, organizations are concerned and wondering what–if anything–they can do to protect their networks and data from being targeted or becoming collateral damage in potential cyber attacks. The post Geopolitical Cyberstress? Doublecheck Your…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Bio Hacking Village, Najla Lindsay’s ‘Forensic Science And…

Read more →

via the comic delivery system monikered Randall Munroe at XKCD! Permalink The post XKCD ‘Parenthetical Names’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: XKCD ‘Parenthetical Names’

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Bio Hacking Village, Wayne Penn’s ‘Amputees And Prosthetics…

Read more →

Many factors and additional services come into play when you calculate the total cost of ownership of Microsoft’s Azure Active Directory. The post Total Cost of Ownership of Azure AD appeared first on JumpCloud. The post Total Cost of Ownership…

Read more →

Mozilla’s Firefox browser has a nasty bug. Rated “critical,” the vulnerability is being actively exploited in the wild. The post Firefox Critical Zero-Day Being Exploited: Patch NOW appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete…

Read more →

Flaws in email security are among the leading causes of cybersecurity incidents for many organizations. Whether it’s ransomware, business email compromise (BEC) attacks, or a spear-phishing email that leads to cyber criminals gaining access to sensitive data, email is the…

Read more →

It’s nearly impossible to build a modern application without relying on third-party libraries. Open source software has been an amazing boom to software development. It’s been instrumental in allowing developers to build increasingly more complex applications that make the internet…

Read more →

Did you know that as networks and workloads become more dynamic and move across on-prem, edge and multi-environments, they become more vulnerable to an attack? Join us on January 16th at 1pm ET for our webinar with the AFCEA, Instrumenting…

Read more →

  The post The Importance of Context in Your Third-Party Security Process appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: The Importance of Context in Your Third-Party Security Process

Read more →

Student data privacy laws try to protect our children, but confusion still reigns School districts know that educational institutions are key targets for cybercriminals. It would help if there was a clear strategy for protecting our children. However, between the…

Read more →

The role of the application programmable interface (API) keeps rising in prominence within the enterprise. And as that happens, so does the risk of APIs as an enterprise attack surface. According to security experts, API security will be a top…

Read more →

Three Major Awards Mark A Milestone for Bitdefender’s Integrated Security Across Endpoint, Network and Cloud! From crippling ransomware attacks to a near-miss of WannaCry 2.0, 2019 has been anything but short of security incidents, with major attacks popping up in…

Read more →

Can a balance be struck between network performance and effective security in organizations? If you consider the state of data breaches and think of it as a battle between security and the bad guys, it doesn’t require much to know…

Read more →

We’re excited to announce that ShiftLeft has achieved Service Organization Control 2 Type II compliance with zero exceptions. We began this compliance effort 10 months ago. Back in May 2019, we achieved SOC 2 Type I compliance. While this was…

Read more →

Idaptive was the remedy for simplifying access to healthcare apps and safeguarding against unauthorized access to patient info. For FastMed Urgent Care, speed and efficiency are about much more than creating operational excellence. It translates into prompt, personal, and high-quality…

Read more →

Quite likely, the single most important Privacy related paper you should examine. Today’s Must Grok. Permalink The post Corporate Twisting Of Privacy Laws appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: Corporate Twisting…

Read more →

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the system. Once exploited, remote attackers…

Read more →

A cyber threat attack surface refers to the digital and physical vulnerabilities in your hardware and software environment. Learn more about threat attack surfaces, why they are a top priority of security professionals, and how a new approach can help…

Read more →

For years now I have been a huge proponent of the Raspberry Pi.  I started with a Raspberry Pi 2, which required a USB WiFi dongle for wireless, to a Raspberry Pi 3b with onboard WiFi.  Later I would get…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27 Bio Hacking Village, Rachel Smith’s ‘Liven Up: Augmenting…

Read more →

How to Fail at “Know Your Enemy”?!   Advertise on IT Security News. Read the complete article: How to Fail at “Know Your Enemy”?!

Read more →

via the comic delivery system monikered Randall Munroe at XKCD! Permalink The post XKCD, Alignment Chart Alignment Chart appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: XKCD, Alignment Chart Alignment Chart

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27 Bio Hacking Village, Dr. Harish Manyam – Doctor…

Read more →

The 2018 Starwood Hotels breach is only the latest in a long line of high profile intrusions that hotels have faced. It’s notable primarily for how many customer records were exposed — 500 million worldwide according to parent company Marriott…

Read more →

There’s a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We managed to significantly reduce the complexity of collisions…

Read more →

The cloud-mobile environment that we operate in today is a brave new world for many organizations. Mobile devices, both managed and unmanaged, connecting to cloud apps and infrastructure, that is off premises, render existing security equipment and infrastructure virtually useless.…

Read more →

A new study out conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the…

Read more →

Secure enclaves can help reduce data breaches dramatically and support the value of the cloud securely “The world runs on software” and “software is eating the world” are phrases you have probably heard over the years. No doubt we cannot…

Read more →

We’ve all read the headlines of cyberattacks on big businesses and government entities—hackers swiping millions of credit card details, Social Security numbers and other personal information. But have you thought about what the consequences a cyberattack against your small business…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Bio Hacking Village, Alex Pearlman’s ‘DIY Medicine: The…

Read more →

Well, there-they-go-again: The Spoilsports of mandated internet speeds – poo-pooing speed increases under discussion to-and-for the contemplated FCC-led Rural Digital Opportunity Fund – all in the name profits. Read it and Weep, me hearties. Today’s Must Read and a finalist…

Read more →

Two-factor authentication (2FA) brings an extra layer of security that passwords alone can’t provide. Requiring an extra step for a user to prove their identity reduces the chance of a bad actor gaining access to data. One of the most…

Read more →

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech® Permalink The post The Joy of Tech®, ‘Social Media, It’s Worse Than We Thought’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the…

Read more →

In the modern era of mixed-platform IT environment, IT admins need more from the services Active Directory offers. It’s time to modernize AD. The post Modernize Active Directory appeared first on JumpCloud. The post Modernize Active Directory appeared first on…

Read more →

The Mirai botnet that made headlines in 2016 for taking out infrastructure through large-scale network attacks has become a reference point in the security industry for the damage that large IoT botnets can inflict. Since its source code was published…

Read more →

Advances in Artificial Intelligence (AI) have led to smarter, more robust network security platforms that are quickly replacing legacy security solutions. The post Hacking the Hackers: Adversarial AI and How to Fight It appeared first on Security Boulevard.   Advertise…

Read more →

As data-centric security gain mainstream recognition for its ability to protect sensitive data from theft and malicious use, enterprises are faced with choosing a solution from an increasing array of options. However, not all solutions that claim to be data-centric…

Read more →

Thinking like the bad guys is part of being in cybersecurity. Our ability to anticipate the moves of our opponents is essential, just like in a chess game – except with real business consequences. Drawing on my prediction of worse…

Read more →

We’re thrilled to announce that Veracode Chief Executive Officer Sam King has been named one of WomenInc. Magazine’s 2019 Most Influential Corporate Directors! Honoring influencers, achievers, and executives, this announcement recognizes women who are making notable contributions to the world…

Read more →

The new year means the roll out of Patient-Driven Groupings Model (PDGM). It’s the biggest change in Medicare’s payment methodology for home healthcare since the home health Prospective Payment System (PPS) was implemented and, like PPS, means that providers have…

Read more →

Dr. Ali Hadi, a professor of cybersecurity, answers our questions and describes the Zeek framework as LEGO bricks for network security. The post Zeek is Like a Box of LEGO Bricks for Network Security [Q&A with Dr. Ali Hadi] appeared…

Read more →

The post How Cryptocurrency Could Benefit You appeared first on CCSI. The post How Cryptocurrency Could Benefit You appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: How Cryptocurrency Could Benefit You

Read more →

Today, nearly every IT decision-maker wants to invest in innovation that will facilitate network performance and agility without compromising security. For many, the answer is SD-WAN. The intersection between security and SD-WAN is critical in keeping data not only accessible…

Read more →

On January 4th, the U.S. Department of Homeland Security (DHS) issued a National Terrorism Advisory bulletin warning of a potential cyberattack by Iran in the wake of a U.S. drone attack that killed a senior Iranian military commander. Read Nozomi…

Read more →

The password is the top target for attackers, so adding MFA to Windows systems is one of the most important security measures. The post Adding MFA to Windows Systems appeared first on JumpCloud. The post Adding MFA to Windows Systems…

Read more →

Leonardo Torres y Quevedo’s fascinating Chess Automata, via History of Computers Well crafted blog entry authored by Professor Herbert Bruderer at the Communication of the ACM blog, detailing the true start of Artificial Intelligence in 1912. ‘If one takes chess…

Read more →

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn. Permalink The post DEF CON 27, Bio Hacking Village, Nick Titus’ ‘Building A New…

Read more →

Secret sources say stock exchange failure might have been caused by a security breach. GCHQ, the “Brisish NSA” are said to be investigating a possible inside job, involving a bogus software update. The post London Stock Exchange Outage: A Cyberattack? By…

Read more →

via the comic delivery system monikered Randall Munroe at XKCD! Permalink The post XKCD, ‘OK/okay/ok’ appeared first on Security Boulevard.   Advertise on IT Security News. Read the complete article: XKCD, ‘OK/okay/ok’

Read more →

We asked some experts for their 2020 cyber security predictions. They told us to look out for ransomware, election security, 5G, IoT, regulations, and more. The post Ask the Experts: What will be the biggest cyber security story in 2020?…

Read more →

Gone are the days when IT leaders fretted that the benefits of automation would shove people out of jobs. If anything, it’s the opposite: 74% of cybersecurity professionals say that a skills shortage has affected their organizations, continuing a trend…

Read more →

As we greet this new decade with fresh goals and holiday leftovers, let’s reflect on the blogs that readers found […] The post JumpCloud’s Top 10 Blogs of 2019 appeared first on JumpCloud. The post JumpCloud’s Top 10 Blogs of…

Read more →