HackDig : Dig high-quality web security articles for hacker

Microsoft Trials Election Security Solution in Wisconsin

Microsoft representatives are in Fulton, Wisconsin, on Tuesday to conduct the first real-world trials for ElectionGuard, the company’s open source election security solution.Introduced in May 2019, the free software development kit (SDK) was created in collaboration with Galois, aiming to provide end-to-end verification of elections. Moreover, the tool opens
Publish At:2020-02-18 12:14 | Read:197 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Audits Security Arc

Firefox 74 Will Disable TLS 1.0 and TLS 1.1 by Default

Beginning March, when Firefox 74 is set to arrive in the release channel, Mozilla will disable older Transport Layer Security (TLS) protocol versions as default options for secure connections.An improvement over the Secure Sockets Layer (SSL) protocol, TLS is meant to improve the security of the Web, but flaws and weaknesses in older iterations, specifically
Publish At:2020-02-11 11:26 | Read:242 | Comments:0 | Tags:NEWS & INDUSTRY Security Architecture Data Protection Ma

Devices Still Vulnerable to DMA Attacks Despite Protections

Many devices, including ones often found in enterprise environments, are likely still vulnerable to direct memory access (DMA) attacks, despite the fact that hardware and software vendors have implemented protections that should prevent such attacks, firmware security company Eclypsium said on Thursday.DMA is designed to allow hardware components or peripher
Publish At:2020-01-30 10:15 | Read:354 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Evolution of OpenSSL Security After Heartbleed

OpenSSL has evolved a great deal in terms of security since the disclosure of the Heartbleed vulnerability back in 2014.OpenSSL, an open source library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, is widely used by organizations to protect communications.In April 2014, the world learned that OpenSSL was affecte
Publish At:2019-12-26 10:15 | Read:567 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Identity & Access Sec

Tips to Help MSSPs Choose a Threat Intelligence Partner

As small and medium-sized businesses (SMBs) increasingly recognize that a reactive security posture is no longer sufficient for protecting their networks, managed security service providers (MSSPs) that cater to SMBs face both an immense opportunity and a considerable challenge.The opportunity is for MSSPs to harness the growing demand among SMBs for proacti
Publish At:2019-12-16 12:00 | Read:493 | Comments:0 | Tags:INDUSTRY INSIGHTS Security Architecture

Researchers Warn of New Cache-Poisoned DoS Attack Method

A group of security researchers from German universities has devised a new class of web cache poisoning attacks that could render victim services unreachable.The cache is meant to reduce the volume of network traffic through the reuse of HTTP responses and helps applications scale at large, in addition to providing protection against denial-of-service (DoS)
Publish At:2019-10-24 22:15 | Read:604 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Cloud Security Security

Tech, Security Firms Launch Operational Technology Cyber Security Alliance

Several major tech and cybersecurity companies have joined forces for a new initiative called the Operational Technology Cyber Security Alliance (OTCSA), which aims to help industrial and critical infrastructure organizations address challenges related to OT security by providing guidance and resources.Founding members of OTCSA include equipment manufacturer
Publish At:2019-10-23 10:15 | Read:768 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Risk Management Security Arc

Microsoft Invests in Securing Device Firmware

Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer.The initiative aims to combat threats that are specifically targeting the firmware and operating system levels with the help of Secured-core PCs, devices that apply security best practices to firmware.These devices, the technology giant explain
Publish At:2019-10-22 22:15 | Read:618 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Cybersecurity Firms Partner on Open Source Security Technology Development

A group of cybersecurity companies this week announced the Open Cybersecurity Alliance (OCA), a joint effort focused on the development of open source security technologies.Established with initial open source contribution from IBM Security and McAfee and formed under the OASIS (Organization for the Advancement of Structured Information Standards) internatio
Publish At:2019-10-09 12:00 | Read:731 | Comments:0 | Tags:NEWS & INDUSTRY Security Architecture Security Infrastru

Singapore Lays Out Plans for Operational Technology Cybersecurity

Singapore’s Cyber Security Agency (CSA) on Tuesday unveiled the country’s Operational Technology (OT) Cybersecurity Masterplan, whose goal is to help enhance the security and resilience of organizations that house OT systems.The Masterplan focuses on industrial control systems (ICS), which account for a majority of OT systems. While it’s mainly addressed to
Publish At:2019-10-02 12:00 | Read:510 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Security Architecture Traini

BlackBerry Launches New Cybersecurity R&D Unit

BlackBerry on Monday announced the launch of BlackBerry Advanced Technology Development Labs, a new business unit focusing on cybersecurity research and development.The new BlackBerry Labs will be led by the company’s CTO, Charles Eagan, and it will be run by a team of more than 120 researchers, developers, security experts, architects and product leads.Blac
Publish At:2019-10-01 12:00 | Read:589 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Security Architecture Security I

New Anomali Tool Finds Threat Data in News, Blogs, Social Networks

Threat intelligence firm Anomali on Monday announced the launch of Lens, a new tool designed to make it easier for organizations to find and use threat data from a wide range of sources.Anomali Lens is part of the company’s Altitude solution, which also includes its flagship threat intelligence platform ThreatStream and Match, a breach detection platform tha
Publish At:2019-09-30 12:00 | Read:545 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Virus & Threats Ris

GAO Says Electric Grid Cybersecurity Risks Only Partially Assessed

A new report from the United States Government Accountability Office (GAO) shows that the Department of Energy (DOE) has yet to fully analyze the electric grid cybersecurity risks.The report includes the findings of a recently conducted review of the cybersecurity of the national electric grid, which includes “the commercial electric power generation, transm
Publish At:2019-09-27 12:00 | Read:652 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Virus & Threats Complian

Microsoft to Provide Free Security Updates for Voting Systems Running Windows 7

Microsoft will continue to provide some Windows 7 machines with security updates beyond the January 2020 end-of-support date, and voting systems are among them, the company has announced.On January 14, 2020, Microsoft will cease to deliver security updates for Windows 7 and Windows Server 2008 systems as part of its normal update schedule. It will, however,
Publish At:2019-09-24 00:00 | Read:634 | Comments:0 | Tags:NEWS & INDUSTRY Security Architecture Vulnerabilities Ma

Simplifying Security Architectures with SAFE

Safe. The very sound of it resonates with security. It is with some irony that Cisco has decided to reuse the term. Why ironic? For one, there is the idea among security folk that in reality, nothing is entirely safe. Why would Cisco sell intrusion detection if no intruders can, well…intrude? For those of you who remember SAFE from the early days of Cisco, i
Publish At:2016-02-09 17:00 | Read:2811 | Comments:0 | Tags:Security SAFE security architecture


Share high-quality web security related articles with you:)


Tag Cloud