HP Patches High-Risk Vulnerability in Business Printers

HP released security firmware updates this week for dozens of printers, including enterprise models, to fix a high-risk vulnerability that could allow attackers to compromise the devices. The vulnerability, tracked as CVE-2017-2750, stems from a failure to properly validate DLL signatures and can be exploited to execute arbitrary code on the operating system of 54..

Securing Electronic Medical Records Still Causing Headaches

Electronic Medical Records (EMR) have been widely adopted by healthcare providers to improve operational efficiency and patient care. As with the adoption of any new technology that continues to evolve, with benefits come risks. EMRs have given rise to new considerations around cyber risk for healthcare providers and have helped spark a conversation around the … The post Securing Electronic Medical Records Still Causing Headaches appeared first on The State of Security.

Weekly Cyber Risk Roundup: More Payment Card Breaches and Dark Web Arrests

Payment card breaches were back in the news again this week as Forever 21 announced that it is investigating a point-of-sale (POS) breach at some of its stores, and several other organizations issued breach announcements related to stolen payment card data. Forever 21 said that it received a report from a third party about potential…

New EU General Data Protection Regulation (GDPR): An IT Security View – Part II

In the first part of “GDPR: An IT Security View”, we discussed some core objectives, characteristics, and principles of the GDPR, which is due to take effect on 25th May 2018. In this second article, we will discuss in greater depth some of the core IT security objectives relating to GDPR. The purpose of the GDPR is … The post New EU General Data Protection Regulation (GDPR): An IT Security View – Part II appeared first on The State of Security.

Blockchain 101: How This Emerging Technology Works

Unless you’ve been living in Slab City or off the grid for a while, you’ve probably heard this year’s omnipresent buzzword ‘blockchain.’ But perhaps you’re a bit clueless as to what this newer technology entails. In a recent HSBC survey of 12,000 respondents in 11 countries, 80 percent of people could not explain how blockchain … The post Blockchain 101: How This Emerging Technology Works appeared first on The State of Security.

AU-6, AU-7 and AU-9 On the Cheap

SIEM or SEIM or Log Correlation tools are generally considered expensive. I won’t get into the particulars of what is or is not expensive for you or your customer. It also depends on system size and what your enterprise may or may not already have in place. So do check into those things before continuing. I was recently having a conversation with a friend who was lamenting that Loggly and LogEntries weren’t authorized and that their Management team had put the kibosh on self-hosting Splunk (let alone a Splunk cloud install). What’s a security dude to do? The answer lies in open-source. More specifically, Graylog. And I don’t mean enterprise, I mean loading up Graylog, probably as a Docker container, and start implementing some of the marketplace plug-ins. I would also recommend tying Graylog to LDAP so that there aren’t additional accounts to manage. It was a no-brainer to me, but you never know about other people’s politics. Now that Graylog is running and accepting log data, you can update your baseline configuration so that only the service account for the forwarding service on your workloads can access the audit logs. System admins and DevOps should only...

Weekly Cyber Risk Roundup: Bad Rabbit’s Parallel Attack, Paradise Papers Fallout

October’s Bad Rabbit ransomware attacks were back in the news this week due to a report that a series of phishing attacks occurred at the same time as the Bad Rabbit outbreak, and the parallel attacks may have been carried out by the same group. The discovery also suggests that Ukraine may have been a…