HackDig : Dig high-quality web security articles for hackers

Getting Ahead of SD-WAN Security With the Zero Trust Model

As businesses across the world become more geographically diverse and move toward an increasingly hybrid IT environment, legacy infrastructure is struggling to keep up. With more data flowing over enterprise networks from multiple sources, the demand for software-defined wide area network (SD-WAN) technology is growing exponentially. A report from IDC predic
Publish At:2017-08-24 16:50 | Read:3833 | Comments:0 | Tags:Network Infrastructure Protection Infrastructure Security ne

Government Agencies Must Work With the Private Sector to Bolster Infrastructure Security

Securing data is never easy. It often requires the infusion of outside expertise to put together an effective information security strategy. Data stored on government servers is especially valuable to both individual fraudsters and nation-state actors, and government agencies have been under pressure to enhance their infrastructure security capabilities and
Publish At:2017-08-18 13:25 | Read:5134 | Comments:0 | Tags:Data Protection Government Cybersecurity Cybersecurity Frame

Cybercrime Without Borders: Bridging Gaps Between Public and Private Sectors to Ensure a Safer Future

Imagine it’s lunchtime in Manhattan. Hundreds of thousands of people are leaving their desks to visit their favorite eatery and enjoy a short time away from the office. Suddenly, elevators across the city grind to a halt and a significant percentage of New York’s workforce is trapped. After too many hours, the overwhelmed emergency responders a
Publish At:2017-07-28 21:55 | Read:5165 | Comments:0 | Tags:Government Risk Management Collaboration Cybercrime Federal

Estonia to Build Off-Site Data Center in Luxembourg

Lots of companies have disaster recovery data centers located far from their headquarters, but Estonia is the first government to build an off-site data center in another country. The small Baltic nation will make backup copies of its critical data infrastructure and store them in Luxembourg if agreements between the two countries are reached. The idea is th
Publish At:2017-07-27 00:40 | Read:4961 | Comments:0 | Tags:Data Protection Government Critical Infrastructure Data Cent

Don’t Wait for the Next WannaCry — Update Your SMB Protocol Before It’s Too Late

Much has been written about WannaCry, and the security community has learned countless valuable lessons from the unprecedented ransomware attack. One thing that is seldom mentioned, however, is how to protect your infrastructure against future Server Message Block (SMB) exploits. Removing the Insecure SMB Protocol Microsoft has three different versions of
Publish At:2017-06-09 10:30 | Read:4906 | Comments:0 | Tags:Network Exploit Infrastructure Protection Microsoft Network

Big Changes Around the Corner for the IoT

The Internet of Things (IoT) is a swamp that just doesn’t want to be drained. While there hasn’t been a huge alligator of a distributed denial-of-service (DDoS) attack in the last few months, it’s only a matter of time before a new one strikes. There are simply too many connected devices, many of which lack the built-in security to resist b
Publish At:2017-04-21 16:20 | Read:4076 | Comments:0 | Tags:Endpoint Network Connected Devices Infrastructure Infrastruc

Lesson Learned From Stuxnet

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The cybercriminals behind the attack developed the infamous worm to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows
Publish At:2017-03-10 12:10 | Read:3964 | Comments:0 | Tags:Energy and Utility Infrastructure Protection Energy Industry

Information Overload — Now What?

Growing up in a small town, there wasn’t much to do. One magical day, I watched as a truck pulled up to the one restaurant in town and delivered a large crate onto the loading dock. Intrigued, I rode my bike over as the employees popped the top off a crate and revealed what was inside: a new arcade game called Missile Command. Fast forward to several m
Publish At:2017-03-08 23:20 | Read:3963 | Comments:0 | Tags:Infrastructure Protection IBM Managed Security Services (MSS

Cheap Shock: Why Shellshock Is Still a Thing

We have all heard of Shellshock. For those who are not aware, Shellshock is a Linux-targeting vulnerability that was discovered in late 2014 and published as CVE-2014-6271. The exploit was found within the bourne-again shell (BASH), which was the default command shell on almost every Linux and Unix system back then. It enables attackers to execute commands w
Publish At:2017-03-08 04:55 | Read:3530 | Comments:0 | Tags:Infrastructure Protection Network & Endpoint Advanced Threat

Making the Move to an All-HTTPS Network

Many website operators have wrestled with the decision to move all their web infrastructure to support HTTPS protocols. The upside is obvious: better protection and a more secure pathway between browser and server. Having a secure connection also makes it harder for cybercriminals to insert man-in-the-middle (MitM) or man-in-the-browser (MitB) attacks, and i
Publish At:2017-02-24 09:15 | Read:5179 | Comments:0 | Tags:Infrastructure Protection Network & Endpoint Browser Securit

X-Force Red Launches in Latin America and Takes on the Evolution of Cybersecurity

It has been almost three months since I joined IBM with the mission of leading the X-Force Red team in Latin America and heading up some of our special initiatives. For the past few years, I have worked closely with security professionals in Latin America to fight against targeted attacks in which cybercriminals do whatever it takes to gain and maintain acce
Publish At:2017-02-07 11:30 | Read:3600 | Comments:0 | Tags:Advanced Threats Data Protection Infrastructure Protection X

The Zero Trust Model for Living in a Hacked World

Although data breaches happen to corporations, the impact ultimately affects normal citizens like you and me. When we fall victim to credit card breaches, the associated anxiety and uncertainty is not addressed beyond proffered, free credit watch and protection services. Our personal email accounts are also at risk of misuse. According to CNN, a recent call
Publish At:2017-02-03 15:20 | Read:4612 | Comments:0 | Tags:Identity & Access Network & Endpoint Access Management Cloud

Secure SD-WAN: The First Step Toward Zero Trust Security

Imagine the typical network architecture of any enterprise. It’s usually an unruly collection of network connections going in all directions between a wide array of infrastructure devices on a legacy flat network. Every time the infrastructure requires a change, you take a deep breath and open up the network diagram, hoping you can somehow wedge your n
Publish At:2017-01-30 19:15 | Read:4712 | Comments:0 | Tags:Network & Endpoint Cloud Cloud Security Infrastructure Prote

Know Your Security Loopholes to Outsmart Lurking Cyberthreats

Co-authored by Pallavi Yerram. Joanna loves to access her mobile devices to complete all her work, buy groceries for her home and conduct myriad other daily activities. But recently, she found that someone else had gained access to her credit card details. How did it happen and what will she do now? Like Joanna, most of us use our mobile phones for everythin
Publish At:2017-01-17 18:05 | Read:4573 | Comments:0 | Tags:Application Security Fraud Protection Infrastructure Protect

How to Ensure the Success of a Hot Desking Strategy

The concept of hot desking — the practice of working in a shared office with unassigned desks — has been around for at least a decade. While much has been written about it from a worker’s point of view, employers and IT administrators have had a relatively small voice in the discussion around the latest office craze. Before you even consider whether th
Publish At:2017-01-13 22:00 | Read:5518 | Comments:0 | Tags:Infrastructure Protection Mobile Security Bring-Your-Own-Dev