HackDig : Dig high-quality web security articles for hacker

To Rank or Not to Rank Should Never Be a Question

Let’s face it: Vulnerability management is not what it used to be a decade ago. Actually, it is not what it used to be a couple of years ago. Vulnerability management is one of those ever-evolving processes. Whether it is because of compliance mandates, board demands, an overall desire to reduce risk, all of these objectives or none, almost every organ
Publish At:2020-02-20 10:49 | Read:199 | Comments:0 | Tags:Endpoint Risk Management Software & App Vulnerabilities Clou

Will Weak Passwords Doom the Internet of Things (IoT)?

Weak passwords can hurt any organization’s security efforts and make any device easily hackable, but could they also be the greatest point of failure for internet of things (IoT) security? Weak passwords certainly put companies deploying IoT devices at greater risk of falling victim to a cyberattack. We have already begun to see attacks targeting IoT d
Publish At:2020-02-15 17:18 | Read:77 | Comments:0 | Tags:Endpoint Risk Management IoT Authentication Connected Device

How Do You Measure the Success of Your Patch Management Efforts?

If you follow the news, you will often see that yet another company has been breached or taken hostage by ransomware. If you read the full details of these stories, usually they have one main thing in common: These organizations are behind in patch management. The question that arises, then, is why? There are two sides to this story: A technical one and a pr
Publish At:2020-02-09 10:30 | Read:205 | Comments:0 | Tags:Endpoint Risk Management Business Continuity Common Vulnerab

Response Required: Why Identifying Threats With Your EDR Isn’t Enough

The perpetrator was a master of disguise, outfitting himself as an employee to bypass the extensive preventive security controls and flee with the contents of the vault. Fortunately, the building was equipped with strong detection security measures, and the burglar—unaware of the location of a laser tripwire—soon set off a silent alarm. A handful of the best
Publish At:2019-12-06 16:45 | Read:560 | Comments:0 | Tags:Endpoint Security endpoint EDR

Endpoint Security 301: When Products, Policies, and People Break Down the Lines of Communication

Security architecture is like the ocean: no one owns it, and it is constantly affected by change. New technologies are introduced, staff changes occur, and as a result, communication suffers. I often see environments where ownership is placed into silos across teams in the enterprise, meaning IT administrators preventing threats may not get the insights unco
Publish At:2019-12-06 16:45 | Read:449 | Comments:0 | Tags:Endpoint Security Endpoint security endpoint mvision EDR sec

How to Tell Safe Advertisements From Dangerous Malvertising

Advertising is the life blood of the internet. Some of the world’s biggest and most influential tech companies earn a large chunk of their revenue through harmless and safe advertisements, but some of the most successful cybercriminals also rely on advertising. When good ad networks are tricked into delivering malware, it’s known as malvertising.
Publish At:2019-10-18 10:20 | Read:540 | Comments:0 | Tags:Endpoint Fraud Protection Adware Artificial Intelligence (AI

Securing Medical Devices in the Age of the IoT

The U.S. Food and Drug Administration (FDA) cautioned the health care industry to be wary about networked medical devices containing off-the-shelf (OTS) software that can connect to networks. Both health care IT professionals and manufacturers are responsible for securing medical devices by performing regular software updates and applying security patches. S
Publish At:2017-11-06 09:40 | Read:4156 | Comments:0 | Tags:Endpoint Health Care Mobile Security Connected Devices Feder

Securing the Modern Endpoint the SANS Maturity Way

In Case You Missed It Bromium recently engaged in a series of communications and events on the topic of Securing the Modern Endpoint, covering timely and provocative concepts including: How detection consistently fails to secure the enterprise and why new thinking is desperately needed How to realign your defenses around a modern threat risk model using few
Publish At:2017-10-30 17:15 | Read:4432 | Comments:0 | Tags:Threats case study data sheet defenses detection endpoint mo

Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

How often have you heard a co-worker say that he or she had to put out a fire? Depending on your job role, you may have anywhere from one to more than a dozen so-called fires weekly. A zero-day vulnerability is an example of a work-related fire that a security operations analyst might have to extinguish. Enterprises should be prepared to handle zero-day fir
Publish At:2017-10-22 05:00 | Read:5158 | Comments:0 | Tags:Advanced Threats Endpoint Risk Management Software & App Vul

A Cybersecurity Proof: The Application is the Endpoint

Vulnerable applications and browsers are the persistent data breach entry points—it’s not about the files Isolation is the only solution that can absolutely eliminate kernel-level exploits and malware escapes It’s time to rethink information security defense around fewer, smarter, yet more effective layers You have many more endpoints than you think. How m
Publish At:2017-10-21 16:25 | Read:3894 | Comments:0 | Tags:Threats access points application attack vector endpoint End

What Do Recent Attacks Mean for OT Network Security?

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ
Publish At:2017-09-27 22:46 | Read:4137 | Comments:0 | Tags:Endpoint Energy & Utility Incident Response Network Critical

Worried About Apache Struts? Stay One Step Ahead of Endpoint Attacks

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.
Publish At:2017-09-25 15:30 | Read:5054 | Comments:0 | Tags:Endpoint Incident Response Apache Endpoint Management Endpoi

Have We Been Wrong All Along About Good Password Practices?

Have we been creating passwords the wrong way all along? You might think so, based on the new set of guidelines the National Institute of Standards and Technology (NIST) recently issued about the best password practices. NIST Special Publication 800-63 is a comprehensive guide to managing digital identity, and its recommendations are widely adopted by organi
Publish At:2017-09-21 00:50 | Read:4290 | Comments:0 | Tags:Endpoint Identity & Access Authentication National Institute

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:5611 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

Seven Steps to Improve Your Security Operations and Response

It’s hard to escape the reality that every day, cyberthreats morph and expand, escalating the need to improve and tighten security operations and response practices. While it may feel overwhelming, there are ways to help level the playing field. Cognitive computing and machine learning are new technologies that can empower security practitioners to foc
Publish At:2017-09-05 09:35 | Read:4052 | Comments:0 | Tags:CISO Cognitive Endpoint Incident Response Security Intellige

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud