Security Bloggers Network

Consider topics, authors and tags that you are interested in when trying to search. You can also enter your own custom search criteria. You can also click a topic below to filter all the blog posts.

SecDevOps: Minimizing Vulnerabilities While Enabling Fearless Innovation

One of the big trends sweeping the IT world is the embracing of DevOps. But, as attendees at the recent DevOps Enterprise Summit in San Francisco were reminded, a DevOps strategy ultimately is only as strong as the security wrapped …
/
RSA Conference Blog

Tim Critchley on the State of Data Security in Contact Centers in CRM Xchange

The post Tim Critchley on the State of Data Security in Contact Centers in CRM Xchange appeared first on Semafone …
/
Semafone
Black Friday shopping? “A little delay goes a long way!”

Black Friday shopping? “A little delay goes a long way!”

Want to chase those bargains on Black Friday? Here’s how to do it without falling over yourself in haste …
/
Naked Security
AWS Server User Management as a Service

AWS Server User Management as a Service

Amazon Web Services (AWS) is an Infrastructure-as-a-Service (IaaS) platform that offers a wide range of cloud based IT resources like compute services, applications, data storage, and infrastructure for modern organizations…. The post AWS Server User Management as a Service appeared …
/
JumpCloud
Stainless-Steel-Reinforcing-Bars.jpg

Advanced Persistent Infrastructure

evilCurtis Jordan, writing at Dark Reading, regales us with a tale of Advanced Persistent Infrastructure, the underpinnings of cyber; and, today’s paean to Threat Intelligence – Enjoy! Permalink …
/
Infosecurity.US

Websites Use Session-Replay Scripts to Eavesdrop on Every Keystroke and Mouse Movement

The security researchers at Princeton are posting You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use "session replay" scripts. These scripts …
/
Schneier on Security

Google and Twitter turn their backs on Russian media over fake news

Russia Today and Sputnik swear up and down they’re legitimate news sources. The FBI, and former employees, beg to differ …
/
Naked Security
Eight Arrests Made in Connection with $3.5M Credit Card Skimming Scheme

Eight Arrests Made in Connection with $3.5M Credit Card Skimming Scheme

Federal and local authorities have arrested eight individuals in connection with a credit card skimming scheme that caused losses in excess of $3.5 million. On 17 November, representatives of the United States Attorney Western District of Kentucky’s office, Kentucky FBI …
/
The State of Security
What is Grammarly?

CSRF Vulnerability Allows Attackers To See Sensitive Data of Grammarly’s Customers

In the early days of the internet privacy was easier to maintain. If a website prompted you to enter your real name when registering, you had two choices. Either you would leave instantly, or you would provide a fake name, …
/
Netsparker, Web Application Security Scanner
Data Breach? Uber Has Bigger Problems

Data Breach? Uber Has Bigger Problems

After ride-hailing service Uber discovered it had been PWNd by outside hackers who obtained the names, email addresses and mobile phone numbers related to some 57 million user accounts globally and the driver’s license numbers of around 600,000 drivers in …
/
Exploiting X11 Unauthenticated Access

Exploiting X11 Unauthenticated Access

In this article, we are going to see how to exploit the x11Server Unauthenticated Access vulnerability which is associated with the CVE-1999-0526. How bad is this vulnerability? The remote X11 server… Go on to the site to read the full …
/
InfoSec Resources
Does your company need DDoS testing? Let’s find out.

Does your company need DDoS testing? Let’s find out.

DDoS testing: top five questions answered Find answers to the top five questions about DDoS testing to understand its essence, value and collateral legal issues. Security specialists have never… Go on to the site to read the full article …
/
InfoSec Resources
Regulation for IIoT is on its way – but is it enough?

Regulation for IIoT is on its way – but is it enough?

Two of the biggest technology trends today – IoT (Internet of Things) and M2M (machine-to-machine) communications – are changing the business world beyond all recognition. Companies of all sizes, from major manufacturers to small-and medium-sized services companies from all sectors, …
/
VPN Haus
Securing Ethereum at Empire Hacking

Securing Ethereum at Empire Hacking

If you’re building real applications with blockchain technology and are worried about security, consider this meetup essential. Join us on December 12th for a special edition of Empire Hacking focused entirely on the security of Ethereum. Why attend? Four blockchain …
/
Trail of Bits Blog
Intel Warns of Serious Processor Flaws

Intel Warns of Serious Processor Flaws

Intel has released firmware updates for many of its processors to fix eight high-risk flaws that can put systems at risk of complete compromise. The flaws are located in low-level technologies found in the Intel Management Engine (ME), the Intel …
/

Chromebook exploit earns researcher second $100k bounty

A year on from Google’s last $100,000 bug bounty payout, the same researcher has found a second critical persistent compromise of Chrome OS …
/
Naked Security

Apple served with warrant for Texas mass killer’s iCloud data

Texas police are looking for any data stored by gunman Devin Patrick Kelley, who was found with an iPhone after he killed himself …
/
Naked Security

‘Tis the season for proliferating payment options…and risk

It’s hard to believe that the holiday season is already upon us with both the biggest online and offline shopping… The post ‘Tis the season for proliferating payment options…and risk appeared first on Data Security Blog | Thales e-Security …
/
Data Security Blog | Thales e-Security
Security Boulevard Chat: Update on Security & Compliance From Chef

Security Boulevard Chat: Update on Security & Compliance From Chef

In this Security Boulevard Chat we speak with Dominik Richter and Dan Hauenstein of Chef. Dan and Dominik give us an update on the latest capabilities that Chef is building into its products to help with automating security & compliance …
/

SSD Advisory – Cambium Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Cambium Network Updater Tool and Networks Services Server. The Network Updater Tool is “a free-of-charge tool that applies packages to upgrade the device types that the release notes for …
/
SecuriTeam Blogs

Loading...