The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
Last year saw a massive surge in hacktivism – hacking motivated by political and social objectives – according to Verizon’s 2012 Data Breach Investigations Report [PDF file]. The report attributed fully 58 percent of all data stolen, more than 100 million records, to hacktivists. “The most significant change we saw in 2011 was the rise…
In a perfect world, we would all learn about preventing hack attacks before they happen. But sometimes the hack happens first and the lessons come second. This is the tale we are talking about today – based, in true Hollywood tradition, on a true story. The lead in this story is a mid-sized organization –…
Social media management company HootSuite recently acknowledged that e-mails sent to some users to warn them that their free trial of HootSuite Pro was about to end may have also included other users’ e-mail addresses, exposing the contact information of thousands of users. “Scores of HootSuite users have taken to Twitter to voice their displeasure…
The rise of IPv6 could give you some severe security headaches — even if you have no current plans to implement the new networking protocol. That was the stark warning issued by Eric Vyncke, a security expert from Cisco, talking at the RSA Conference Europe in London this month. On the face of it, there…
The City of Tulsa, Oklahoma last week began notifying residents that their personal data may have been accessed — but it now turns out that the attack was a penetration test by a company the city had hired. “City officials didn’t realize that the apparent breach was caused by the security firm, Utah-based SecurityMetrics, until…
Pwnie Express recently announced the upcoming release of the Power Pwn, a complete penetrating testing platform disguised as a surge protector. “The device is a $1,295 ‘penetration testing’ tool that will lodge remotely activated Wi-Fi, Bluetooth, and Ethernet attacks in an effort to identify network weaknesses,” writes The Verge’s Evan Rodgers. “A convenient web interface…
Denial of Service (DoS) attacks, in which attackers make it impossible for network users to access information or services by flooding the network with requests that tie up its resources, are among the most feared threats in today’s cybersecurity landscape. According to the US-CERT, DoS attacks are characterized by unusually slow network performance or…
Here’s a dirty little secret about passwords in the enterprise: In many organizations, IT administrators sometimes follow insecure password management practices because it’s often the easiest way to get the job done. The root problem is one of complexity. Managing passwords for large numbers of privileged accounts – and ensuring that the people, applications, and…