HackDig : Dig high-quality web security articles for hackers

Achieving Compliance with Qatar’s National Information Assurance Policy

Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s GDP measure
Publish At:2020-10-08 01:01 | Read:158 | Comments:0 | Tags:Featured Articles Regulatory Compliance Complaince data Info

Thinking Outside the Dox: What IT Security Can Learn From Doxing

Doxing is rightfully regarded as a dangerous threat, potentially exposing personal information where it shouldn’t be. But, defenses derived from doxing may strengthen corporate cybersecurity at scale.  Doxing is the dark side to widespread data dispersal and discovery. Data is leveraged to harm individuals or organizations, often as retaliation f
Publish At:2020-10-06 10:10 | Read:157 | Comments:0 | Tags:Data Protection Threat Intelligence Data Data Breach Persona

CORS: How to Use and Secure a CORS Policy with Origin

CORS (Cross-Origin Resource Sharing) enables resource sharing that pulls data from a lot of different sources. Like any relatively open aspect of the internet, it can be a risk. Learn how to test your web applications to create a secure CORS policy. Origins and Key Concepts CORS began as a way to make application resource sharing easier and more effective.
Publish At:2020-09-30 12:45 | Read:183 | Comments:0 | Tags:Application Security Security Services CORS Data

Preventing Shadow IT from Blindsiding your Zero Trust Plan

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening: underst
Publish At:2020-09-30 12:20 | Read:66 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Cloud data

When Your Heartbeat Becomes Data: Benefits and Risk of Biometrics

Knowing who your users are today is more important than ever. This explains, in part, why integrating biometric usage into identity and access management (IAM) appears appealing. Throw in some artificial intelligence (AI) to help manage all these data points, and the future of biometrics looks pretty wild. The appeal of using biometrics for identity and acc
Publish At:2020-08-21 08:25 | Read:369 | Comments:0 | Tags:Data Protection Identity & Access Biometric Security Biometr

How to Ensure Secure and Complete Data Destruction

Data security means keeping data out of the wrong hands. This is especially important when storage media is no longer usable and needs to be decommissioned. The data must be truly destroyed, for both security and compliance.  The trouble is ‘deleting’ data doesn’t really delete data. It’s still possible to extract data from
Publish At:2020-08-17 10:00 | Read:390 | Comments:0 | Tags:Data Protection Risk Management Big Data Corporate Data Crit

Cloud workload security: Should you worry about it?

Due to the increasing use of the cloud, organizations find themselves dealing with hybrid environments and nebulous workloads to secure. Containerization and cloud-stored data have provided the industry with a new challenge. And while you can try to make the provider of cloud data storage responsible for the security of the data, you will have a hard time tr
Publish At:2020-07-29 15:18 | Read:267 | Comments:0 | Tags:Business application layer cloud cloud resources cloud workl

Future-Proofing Data With a Data Encryption Plan

Data volume storage needs are growing exponentially across hybrid multicloud environments. Meanwhile, companies are being faced with a greater number of regulations to follow, as well as increased exposure to data ransomware, theft and misuse. Many regulations, such as the General Data Protection Regulation, highlight encryption as an example of appropriate
Publish At:2020-07-08 10:58 | Read:345 | Comments:0 | Tags:Cloud Security Data Protection data encryption Compliance Da

Sextortionists Using Social Engineering Tactics to Collect Victims’ Data

Security researchers observed sextortionists leveraging social engineering techniques to steal their victims’ personal information.SANS’ Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for young women on dating websites. They used those profiles and the stated interest of finding “good times” to
Publish At:2020-06-16 16:30 | Read:489 | Comments:0 | Tags:IT Security and Data Protection Latest Security News data se

The Latest Mobile Security Threats and How to Prevent Them

For many of us, the last few months have drastically increased our reliance on mobile capabilities. Through the increased use of corporate mobile apps, virtual private networks (VPNs), hot spots and more, mobile communications are more ubiquitous than ever. Because of this enhanced, unprecedented and sudden dependence on mobile capabilities, mobile security
Publish At:2020-06-15 10:53 | Read:535 | Comments:0 | Tags:Mobile Security Bring-Your-Own-Device (BYOD) Data Data Breac

Managed Data Activity Monitoring (DAM) Is More Important Than Ever

The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks. Typical controls such
Publish At:2020-06-03 09:20 | Read:484 | Comments:0 | Tags:Data Protection Risk Management Security Services Compliance

Maze: the ransomware that introduced an extra twist

An extra way to create leverage against victims of ransomware has been introduced by the developers of the Maze ransomware. If the victim is not convinced that she should pay the criminals because her files are encrypted, there could be an extra method of extortion. Over time, more organizations have found ways to keep safe copies of their important files or
Publish At:2020-05-29 16:05 | Read:533 | Comments:0 | Tags:Threat spotlight data Fallout Maze pulse ransomware Spelevo

DoppelPaymer Ransomware Launches Site for Publishing Victims’ Data

The operators of DoppelPaymer ransomware launched a site for publishing the data of their victims who don’t pay the ransom.On February 25, DoppelPaymer’s handlers published a site called “Dopple leaks.” A message on the site at the time of launch revealed the attackers’ intention for doing so: leak the names and data of victims
Publish At:2020-02-25 08:13 | Read:681 | Comments:0 | Tags:IT Security and Data Protection Latest Security News data Do

How to Create Value With Your (Security) Data Analytics Program

I have been fascinated by data analytics for all my professional life — from my early days of using Linux command-line tools like grep, cut, sort and unique to make sense of log files and identify the chain of events that harmed my web server, to using simple Excel and pivot tables to do pretty much the same with data of all types. Now, we have much fancier
Publish At:2020-02-10 10:40 | Read:813 | Comments:0 | Tags:Security Intelligence & Analytics Access Management Analytic

5 Ways Your Organization Can Ensure Improved Data Security

Each year on January 28, the United States, Canada, Israel and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take action in an effort to respect privacy, safeguard data and enable trust.In observan
Publish At:2020-02-09 10:22 | Read:914 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data data

Tools

Tag Cloud