HackDig : Dig high-quality web security articles for hacker

Building an Effective CISO-CIO Partnership

For many, the most common reporting structure in today’s business environment is overly complicated. The majority of security leaders around the world report directly to the chief information officer (CIO), which can cause an enormous amount of conflict. That reporting structure, however, is slowly changing for some companies. In those organizations,
Publish At:2017-04-27 01:10 | Read:895 | Comments:0 | Tags:CISO Government C-Suite Chief Information Officer (CIO) Chie

The New Battlefield: Why Nation-State Malware is Winning

This warfare is being fought with computers and specially created malware. It is Cyber Warfare and every large nation is playing along. The most recent exposed vulnerability from Microsoft demonstrates exactly the type of method Nation-State attackers use. So how does a nation as sophisticated as the United States keep losing the cyber battle? The problem lie
Publish At:2017-04-25 18:10 | Read:596 | Comments:0 | Tags:Government Threats Battlefield CIA criminals Federal governm

Microsoft Office Malware Captured in a Micro-VM on an Unpatched Computer

The Bromium Labs team was able to get their hands on some live malware exploiting the Microsoft Office vulnerability. First and foremost, on an unpatched workstation Bromium did its job by hardware isolating the Microsoft Word document into a protected virtual machine so that the host workstation was never infected. Secondly, it shows the amazing analytics
Publish At:2017-04-18 02:05 | Read:860 | Comments:0 | Tags:Breaking News Threats anti-virus command control EDR Events

Zero-Day Vulnerability is a Zero-Sum Game

Late last week a new Microsoft Office vulnerability was discovered by McAfee; they discovered attacks exploiting this vulnerability back to late January 2017. This should raise substantial concern for anyone responsible for cyber security at their company or federal agency. Since January, every Windows-based MS Office machine was exposed to the worst type o
Publish At:2017-04-16 13:05 | Read:658 | Comments:0 | Tags:Breaking News Government Threats Malware McAfee Microsoft Of

Malware is Becoming Alarming. Can You Hear Me Now?

A supposed “white hat” hacker gained access to the network of the Dallas Office of Emergency Management and managed to set off 156 sirens used to alert of an emergency. Alarms blared for 90 minutes before the city was able to manually shut down the entire system. How does this continue to happen? Because the current method of stopping malware just isn’t work
Publish At:2017-04-16 13:05 | Read:802 | Comments:0 | Tags:Breaking News Government Threats Alarms application isolatio

Achieving Cyber Resilience with Next-Gen AV and Bromium Application Isolation

Detection-based techniques will always be one step behind the attacker. Extend NGAV using next gen virtualization with application isolation and control. Applications with the sensitive data are completely hardware-isolated from the host. In 2016, organizations spent over $80 billion on cybersecurity, while cybercriminals made $3 trillion in profit. Cybers
Publish At:2017-03-28 16:25 | Read:850 | Comments:0 | Tags:Compliance Government

Attention Federal Agencies: You Aren’t Stopping All Malware

On March 4th 2016 an endpoint at a U.S. Federal Agency encountered the Angler EK TeslaCrypt while browsing a web site (hxxp://pssor.com/pssor-home) with Internet Explorer. At the time the malware was executed on the endpoint (March 4th 2016), this was not known by any anti-virus vendor. In fact, the earliest this was discovered was March 7th 2016. Due to Br
Publish At:2017-03-23 07:30 | Read:877 | Comments:0 | Tags:Government

The New York State Department of Financial Services: The Evolution of a Regulation – Part 1

The New York State Department of Financial Services has proposed a cyber security regulation that is unique in its breadth. The original proposed regulation underwent a 45-day review period, after which it was changed. It is currently under another 45-day review period pending further changes and should be published in the next few weeks. The regulation affec
Publish At:2017-02-27 10:30 | Read:1350 | Comments:0 | Tags:Featured Articles Government CISO New York security

Cybersecurity Regulations Get Demanding

As more government agencies get involved with creating cybersecurity regulations, security professionals will need to monitor new laws and understand which apply to their industry and whether some overlap or conflict. Increased enforcement from different agencies can mean significant consequences even if breaches are avoided. As the new administration adjust
Publish At:2017-02-25 03:50 | Read:1005 | Comments:0 | Tags:CISO Government and Federal Risk Management Chief Informatio

New Wine in Old Bottles? – Continuity and Change in Trump Administration Cybersecurity Policy

The revised – and still draft – version of the Trump Administration’s first Executive Order (EO) on cybersecurity shows both continuity and positive change over the Obama Administration’s policy pronouncements, addressing federal agency network protection, critical infrastructure cybersecurity, and national cyber defense priorities. Federal Networ
Publish At:2017-02-23 14:05 | Read:1074 | Comments:0 | Tags:Featured Articles Government security Trump

5 non-negotiable principles to combat cyber war on mobile

Cyber war is a term the U.S. government is intimately familiar with, but woefully unprepared for when it comes to mobile. Government employee mobile devices are a relatively new attack surface, and a particularly valuable one for espionage missions and other criminal intent. Mobile devices access confidential, classified, and other protected data classes. A
Publish At:2017-02-17 03:30 | Read:981 | Comments:0 | Tags:Enterprise Mobile Security Uncategorized cyber war Federal g

Continuous Diagnostics and Mitigation: A Look Back and Preparing for Phase Three

Continuous monitoring, situational awareness, common operational picture, single pane of glass — these are just a few of the terms with which I’ve become well-acquainted throughout my career. Each one attempts to depict how security operation centers (SOCs) can reach the holy grail of data aggregation. To prevent, respond to or remediate a security inc
Publish At:2017-02-06 17:05 | Read:897 | Comments:0 | Tags:Government and Federal Network & Endpoint continuous monitor

Gaza Cybergang Group Targeting ME Governments with Downeks, Quasar RAT

Several high-profile attack campaigns targeting Middle Eastern companies have recently come to the attention of the security community. One of the first operations we heard about occurred on November 17, 2016, when Shamoon resurfaced and leveraged Disstrack malware to wipe the computers at an energy organization based in Saudi Arabia. Apparently, “Sham
Publish At:2017-02-03 14:35 | Read:1829 | Comments:0 | Tags:Cyber Security Featured Articles Government malware Middle E

Increased Regulatory Compliance Is Choking the CISO

Chief information security officers (CISOs) love to laugh at ridiculous compliance regulations. In the financial industry, for example, some organizations are forced to comply with Regulations Systems Compliance and Integrity (RegSCI), Commodity Futures Trading Commission (CFTC) rule 39.18, the Committee on Payments and Market Infrastructures (CPMI), the Int
Publish At:2017-02-02 02:30 | Read:955 | Comments:0 | Tags:CISO Compliance Data Protection Data Security Federal Govern

Tracking the Digital Transition in the White House

As President Donald Trump arrives at the White House to start his term, he faces a very different collection of technology than when former President Barack Obama entered eight years ago. Back then, government PCs sported floppy drives and no president ever personally used Twitter or other form of social media. Indeed, social media access was initially block
Publish At:2017-01-20 19:45 | Read:1393 | Comments:0 | Tags:Government and Federal Federal Government Federal Government
