HackDig : Dig high-quality web security articles for hacker

Getting an Earful: Convincing Employees to Care About Network Security

Employees remain the biggest source of corporate cyber risk. According to the “IBM X-Force 2016 Cyber Security Intelligence Index,” staff members are responsible for 60 percent of all digital attacks endured by enterprises. In most cases, there’s no malicious intent. Employees may subvert network security by opening infected email attachmen
Publish At:2017-09-29 11:51 | Read:244 | Comments:0 | Tags:CISO Network Chief Information Security Officer (CISO) Educa

[SANS ISC] The easy way to analyze huge amounts of PCAP data

I published the following diary on isc.sans.org: “The easy way to analyze huge amounts of PCAP data“. When you are investigating a security incident, there are chances that, at a certain point, you will have to dive into network traffic analysis. If you’re lucky, you’ll have access to a network capture. Approximatively one year ago, I wrote a qui
Publish At:2017-09-28 08:00 | Read:320 | Comments:0 | Tags:Docker SANS Internet Storm Center Security Moloch network pc

What Do Recent Attacks Mean for OT Network Security?

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ
Publish At:2017-09-27 22:46 | Read:261 | Comments:0 | Tags:Endpoint Energy & Utility Incident Response Network Critical

A Basic Model to Measure SIEM Maturity

Every day, organizations rely on security information and event management (SIEM) solutions to protect, control and monitor their technology infrastructures. These platforms serve as early detection tools for security threats. But how can security professionals validate that their SIEM systems are properly configured and aligned with the organization’s
Publish At:2017-09-08 10:00 | Read:280 | Comments:0 | Tags:Data Protection Network Security Intelligence & Analytics Se

Keep Intruders Out of Your Network With Proactive Threat Hunting

A threat hunting program can provide an accurate picture of where your organization is exposed to threats and help security professionals strengthen those weaknesses. If you know how an adversary is breaking into your environment, you can improve your defenses and stop attacks from happening again in the future. This echoes the importance of having accurate
Publish At:2017-08-30 20:10 | Read:304 | Comments:0 | Tags:Network Risk Management C-Suite Network Protection Network S

Getting Ahead of SD-WAN Security With the Zero Trust Model

As businesses across the world become more geographically diverse and move toward an increasingly hybrid IT environment, legacy infrastructure is struggling to keep up. With more data flowing over enterprise networks from multiple sources, the demand for software-defined wide area network (SD-WAN) technology is growing exponentially. A report from IDC predic
Publish At:2017-08-24 16:50 | Read:205 | Comments:0 | Tags:Network Infrastructure Protection Infrastructure Security ne

Advanced Approaches to ATM Network Protection

End-to-end automated teller machine (ATM) network protection encompasses multiple security layers. Is it not enough to simply protect ATM endpoints to ensure the security of a bank’s finances. Instead, security teams at financial institutions must take a more advanced approach to ATM network protection. ATM security has always been a hot-button issue
Publish At:2017-08-11 15:05 | Read:584 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Network Securi

Integrating the IoT Into Your Application Security Program

The Internet of Things (IoT) is here, but is your security program ready to handle it? For many reasons, such as network complexity, limited visibility, politics and other challenges that come along with emerging technologies in the enterprise, your organizations is likely underprepared. To get up to speed, a good place to start is your application security
Publish At:2017-08-02 12:30 | Read:514 | Comments:0 | Tags:Application Security Network Application Security Testing Ap

To Fight Cybercriminals, Follow the Money Trail

Follow the money! That is the famous first rule for investigating white collar criminal activity. It should also be the first rule for protecting your organization from a data breach, ransomware attack or other malicious activity. A basic fact of modern cybersecurity life is that the lone hacker of yore has long since vanished, replaced by sophisticated cy
Publish At:2017-08-01 18:05 | Read:440 | Comments:0 | Tags:Fraud Protection Network Cybercrime Cybercriminals Dark Web

The Living Dead: How to Protect Legacy Systems

The recent widespread attacks of WannaCry and NotPetya both used known vulnerabilities of legacy operating systems, namely SMB v1 protocol. In general, known vulnerabilities are easy to mitigate as long as patches and updates are provided. But in these cases, many organizations seem to have ignored the advice to patch their systems — or maybe not. There ar
Publish At:2017-07-20 21:00 | Read:415 | Comments:0 | Tags:Network Risk Management Legacy Applications legacy systems n

The 21st-Century Real Estate Deal: How the Internet of Things Is Changing Commercial Real Estate

The commercial real estate (CRE) industry is on the verge of a major disruption: the Internet of Things (IoT). Technology is making its way into an industry that historically lacks the innovative spirit, and we’re beginning to see a drastic change in what it means to be a real estate broker. As client needs evolve, brokers must develop new skills to k
Publish At:2017-07-14 17:35 | Read:399 | Comments:0 | Tags:Mobile Security Network Automation Connected Devices Interne

The Limits of Linguistic Analysis for Security Attribution

Everyone wants to know who was behind the latest audacious cyberattack. Security professionals have long attempted to identify threat actors through linguistic analysis, but this method is limited when it comes to attribution. Part of the problem is that cybercriminals purposely build deception mechanisms into their code. “Deception is always a major
Publish At:2017-07-14 17:35 | Read:461 | Comments:0 | Tags:Network Risk Management Malware Malware Analysis Programming

Going Through a Rough Patch in Your Security Program? Consistent Software Patching Can Solve Security Woes

Security is an imperfect art. It’s also an imperfect science. Whether it involves experimenting with certain tweaks or implementing proven standards and prescriptive advice, figuring out how to manage a security program is as complex as navigating any other business function. According to the Pareto Principle, security professionals should focus on the
Publish At:2017-07-03 23:50 | Read:460 | Comments:0 | Tags:Endpoint Network Risk Management Adobe Patch Patch Managemen

SD-WAN: Improve Security and Reduce Cost While Complying with Payment Card Industry Standards

Software-defined wide area networking (SD-WAN) technologies are transforming the way enterprises approach connectivity and the implementation of security functions for branch and retail locations. These technologies give organizations greater flexibility, visibility and control of both satellite location networks and their connections to enterprise resources
Publish At:2017-06-30 22:10 | Read:333 | Comments:0 | Tags:Network Retail network Network Security Payment Card Industr

Execute Your IoT Deployment by the Book

Organizations contemplating Internet of Things (IoT) deployment projects must look at both past and future challenges through the lens of security. Enterprise data security is not a new topic, but for many companies, IoT deployments present new challenges because they extend the perimeter by introducing thousands of additional endpoints, each of which repres
Publish At:2017-06-27 20:30 | Read:464 | Comments:0 | Tags:Endpoint Mobile Security Network Connected Devices Endpoint

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud