HackDig : Dig high-quality web security articles for hacker

FIN7 hackers target enterprises with weaponized USB drives via USPS

The FIN7 APT group has been targeting businesses with malicious USB drives and Teddy Bears sent to the victims, the FBI warns. The FBI is warning of a new wave of attacks carried out by the FIN7 APT group that is sending to the victims devices acting as a keyboard (HID Emulator USB) when plugged into a computer. “Recently, the cybercriminal grou
Publish At:2020-03-29 11:07 | Read:117 | Comments:0 | Tags:APT Cyber Crime Hacking Malware BadUSB Cybersecurity FIN7 ha

9 Best Practices from X-Force Red for Organizations and Employees

As employers rapidly respond to the need to protect their workforces from potential exposure and spread of the novel coronavirus, also known as COVID-19, many organizations are making the very difficult decision to pivot to a work-from-home model. This means employees will be connecting to corporate networks from whichever device is available: laptops, phone
Publish At:2020-03-18 16:57 | Read:155 | Comments:0 | Tags:Application Security CISO Data Protection Threat Intelligenc

The State of the Cybersecurity Market: Where We’ve Come, Where We’re Going

There’s an interesting trend that I have personally noticed over the past few years: organizations are starting to take cybersecurity more seriously. With the multitude of high-profile data breaches, organizations are starting to realize that cybersecurity is a significant risk to the business. This allows CISOs and other similar titles with leadership respo
Publish At:2020-03-16 23:05 | Read:164 | Comments:0 | Tags:Cyber Security CISO cybersecurity risk

The effects of climate change on cybersecurity

Outside the coronavirus pandemic and its related healthcare and economic fallout, climate change and cybersecurity are seen by many as the two most urgent problems facing our planet now and in the near future. They are two distinct and separate problems, to be sure. There are some areas, however, where security and climate change overlap, interlock, and infl
Publish At:2020-03-13 18:05 | Read:251 | Comments:0 | Tags:Awareness climate change cooling cybersecurity datacenters e

The Expert’s Guide on Tackling the Cybersecurity Skills Gap

The skills gap is weighing heavily on the minds of digital security team members. In a survey of 342 security professionals, Tripwire found that 83% of infosec personnel felt more overworked in 2020 than they did a year earlier. An even greater percentage (85%) stated that it had become more difficult for their organizations to hire skilled security professi
Publish At:2020-03-12 01:29 | Read:200 | Comments:0 | Tags:Featured Articles cybersecurity skills gap

How to Leverage NIST Cybersecurity Framework for Data Integrity

Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity: the property that data has not been altered in an unauthorized manner. Tripwire is very proud to have contributed and collaborated with other technology vendo
Publish At:2020-03-11 01:03 | Read:257 | Comments:0 | Tags:IT Security and Data Protection cybersecurity NCCoE NIST

Why It’s Important to Have a Customer Community in the World of Cybersecurity

In an ever-evolving security world, we to need to secure more with even fewer resources. While the cybersecurity skills gap increases, leaving “350,000 U.S. cybersecurity jobs unfilled yearly,” it is vital to work together to protect our environments and educate others. Creating a customer community can do just that. Having a digital space with l
Publish At:2020-03-06 03:26 | Read:256 | Comments:0 | Tags:Off Topic customer cybersecurity skills gap

Navigating Cyber Landscape of Connected and Autonomous Cars

In recent years, various attacks have been performed to highlight security concerns about evolving smart cars. In particular, remote hacks took a lot of attention in 2015 when two security researchers hijacked the car’s infotainment system and demonstrated how to manipulate smart car functions. Such attacks elevate the risks associated with the smart car sys
Publish At:2020-03-02 00:48 | Read:222 | Comments:0 | Tags:IT Security and Data Protection cybersecurity ENISA Privacy

A Guide to Easy and Effective Threat Modeling

Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker’s point of view. The purpose of threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors and the assets most desired by an attacker. Ef
Publish At:2020-02-27 09:41 | Read:368 | Comments:0 | Tags:Application Security Security Intelligence & Analytics Appli

What the Explosive Growth in ICS-Infrastructure Targeting Means for Security Leaders

The recently published IBM X-Force Threat Intelligence Index 2020 pointed out that over 8.5 billion records were compromised in 2019, a figure that’s more than 200 percent greater than the number of records lost in 2018. It also determined that scanning and exploitation of vulnerabilities have increased from just 8 percent of attacks in 2018 to nearly
Publish At:2020-02-20 10:49 | Read:323 | Comments:0 | Tags:CISO Energy & Utility Security Services Brute-Force Attack C

Bluetooth bugs – researchers find 10 “Sweyntooth” security holes

byPaul DucklinA trio of researchers from Singapore just published a paper detailing a number of security holes they discovered in Bluetooth chips from several different vendors.The good news is that they disclosed the holes responsibly back in 2019 and waited 90 days – a sort-of industry standard period popularised by Google’s Project Zero team &
Publish At:2020-02-15 12:43 | Read:190 | Comments:0 | Tags:Vulnerability bluetooth cybersecurity Sweyntooth vulnerabili

Cybersecurity and data protection in 2019: the BH Consulting year in review (part 1)

It’s that time of year again, where we look back at, and reflect on, the previous 12 months. In that spirit, here’s the BH Consulting review of 2019. The roundup we present is our take on cybersecurity, data protection and privacy issues.  As regular readers will know, we don’t aim to be a website of record when it comes to chronicling the latest malware out
Publish At:2020-02-12 07:25 | Read:299 | Comments:0 | Tags:Cybersecurity Data Protection

Cybersecurity and data protection in 2019: the BH Consulting year in review (part 2)

Security is a busy field, and 2019 was no exception. Following last week’s blog looking back at the first six months of the year, here’s the second part covering cybersecurity, data protection and privacy stories that emerged between July and December.  July Summertime and the living wasn’t easy if your company was called BA or Marriott. The UK Information C
Publish At:2020-02-12 07:25 | Read:237 | Comments:0 | Tags:Cybersecurity Data Protection Information Security Standards

CISO as a service helps to tackle ongoing need for security

As cybersecurity gets more attention in businesses and organisations, the need for a Chief Information Security Officer (CISO) has come into focus. In the past, many organisations tackled security piecemeal, as a series of point-in-time exercises, but some now realise they need a dedicated resource to manage their security on a consistent, ongoing basis. Man
Publish At:2020-02-12 07:25 | Read:248 | Comments:0 | Tags:Cybersecurity Information Security Standards

Analysis of the Irish National Cyber Security Strategy

The Irish Government has published its five-year plan for ensuring its infrastructure and computer networks are “resilient, safe and secure”. The new National Cyber Security Strategy 2019-2024 is an update to the first strategy which was published in 2015. Here’s our analysis of the plan. The 60-page strategy paper [PDF] sets out a series of 20 measures unde
Publish At:2020-02-12 07:25 | Read:251 | Comments:0 | Tags:Cybersecurity

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud