Improving Security via Proper Network Segmentation

Posted by:

We all strive to create 100% secure network but if the bad guys want to get in they’re going to.  Simple as that.  In the mean time there’s no point in creating a single point of failure architecture. Nimmy Reichenberg takes a look at “zoning” and how this can be an effective control to mitigate risk and hamper the bad guys if they do penetrate your network.

By properly segregating the network, you are essentially minimizing the level of access to ...

Read More →
0

How to Defend Against Identity Theft This Tax Season

Posted by:

 

As if tax time didn’t create enough stress in your environment along come the cybercriminals hacking your tax returns.

Did you know that during the first nine months of 2012 there was a 62 percent increase in the number of identity theft cases detected by the IRS.

Cybercriminals are prowling the web for ways to access people’s personal information so they can cash in on their identity. The hackers have various ways of stealing taxpayers identity, ...

Read More →
0

Social engineering attacks: Is security focused on the wrong problem?

Posted by:

social engineeringMalicious social-engineering attacks are on the rise and branching out far beyond simply targeting the financial sector. While some organizations develop employee-awareness training or solicit pen testing, or use some combination of the two, these preventive tactics can only go so far.

Adopting a “know thy data” approach — in terms of what it is, how valuable it is and where it is — and then ...

Read More →
0

PCI DSS v3.0 Goes Into Effect January 1, 2014 – Are You Ready?

Posted by:

Are you ready for the changes to PCI from version 2 to version 3. The PCI Security Standards Council has just released the final version of the standard and there are quite a few changes you should be aware of so we’ve taken the liberty of posting the changes here. A complete summary of PCI DSS Changes From 2.0 to 3.0 can be found here in PDF format.

The overall updates include specific recommendations for making PCI DSS ...

Read More →
0

Cyber criminals capitalize on news of Boston bombing

Posted by:

Cyber criminals remain indifferent and insensitive to events showcased on the national stage, such as the bombings at the Boston marathon on April 15, 2013. Since the event, the Dell SecureWorks CTU(TM) research team has been monitoring the Waledac/Kelihos botnet, which has begun distributing spam claiming to provide information about the bombing (see Figure 1). The email messages contain a single malicious link and entice victims to click the link for more information.

 

Read More →
0
Page 11 of 11 «...7891011
})
SEC Cybersecurity Exams