A hotel booking website hack - resulting in stolen payment cards - triggers a regulator's warning that businesses still need to pay close attention to eliminating SQL injection vulnerabilities from their websites and emphasizing secure coding.
To most effectively manage vulnerabilities, you need to think like the attacker: how would you go about doing damage, exfiltrating valuable information and making money? What are the key assets in your network that you would target? How would you get to these assets?
Drawing on decades of real-world experience,...
"AlienVault's USM is tailor-made for the needs of the security-savvy SMB. It offers affordability, and a comprehensive and ever-increasing feature set powered by the respectable AV Labs and Open Threat Exchange." In this analyst report, Javvad Malik of 451 Research reviews AlienVault's SMB-focused approach to SIEM and...
Based on the results of this year's survey, there are several key takeaways for the security community. The use of analytics and threat intelligence to ferret out complex and stealthy threats from advanced attackers and insiders is improving security for some; automation is improving; and intelligence providers are...
The absolute worst time to develop a breach response plan is directly after you have discovered a breach. The absolute best way to have your team fail at responding is to not have them trained with well-practiced procedures and have them be overly reliant on expensive, improperly configured technology. Strike, strike,...
A complete defense cannot be deployed overnight. There are multiple people, process and technology components to consider and implement. In this session, we will help identify where and how resources can be focused to have the biggest immediate risk reduction, discuss lessons learned from real-world deployments and...
Our law enforcement agencies are amassing a deep set of capabilities for investigating and prosecuting cybercrime.
These public-sector organizations, however, need to understand the driving forces, priorities and procedures within the organizations they help protect. Equally important is that private-sector...
In addition to 56 million payment cards being compromised in the Home Depot data breach, approximately 53 million e-mail addresses also were stolen, the retailer reported in an investigation update on Nov. 6.
Part 1: Fraud and Tomorrow's Breach Targets
For as long as data can be compromised and misused, businesses that store or transmit data will be at risk of compromise. Yet those industries and segments that are common targets today are implementing solutions, such as data obfuscation and advanced authentication, which...
The latest details reported about the JPMorgan Chase breach investigation illustrate why it's critical for organizations to scrutinize external sources of information to help detect attacks.
JPMorgan Chase in September confirmed that it was the victim of a cyber-attack that compromised customer information. This infographic provides an overview of what we know so far and what questions remain unanswered.
The IT world is on the precipice of enormous change. While full adoption of this change will not happen overnight, it has already begun to happen in the datacenter and for a user near you. Because of the substantial investments made by organizations in building out their datacenters, and thanks to the significant risk...
The security benefits of log and machine data analysis are widely accepted by CISOs and CIOs, and yet too many organizations have difficulty executing on this opportunity due to bottlenecks imposed by archaic systems and processes that manage this data. Without the right tools to give easy visibility into the data,...
The debate between leading retail and banking associations over accountability for card fraud has heated up in recent weeks. One retail group now says claims about merchant security and fraud liability have been misstated.
Enterprises are increasingly adopting Linux as a secure, reliable, and high-performing platform that lowers acquisition and operating costs while providing the agility needed to anticipate and react to changing business conditions.
In particular, the Red Hat Enterprise Linux (RHEL) operating environment, which is...