Latest News

Latest News

  • The software flaw that could beam out passwords by DNS

    The software flaw that could beam out passwords by DNS

    The software flaw that could beam out passwords by DNS
  • Equifax data breach defense: the latest updates

    Equifax data breach defense: the latest updates

    Equifax data breach defense: the latest updates
  • PCI Issues Security Awareness Guidance

    Experts Say More Focus on Employee Training is Needed

    PCI Guidance on Security Awareness
  • OWASP Testing Guide V4 released September 17th. 2014

    OWASP Testing Guide V4 released September 17th. 2014

    OWASP Testing Guide V4
  • Want to Limit PCI DSS Scope? Use Tokenization

    Want to Limit PCI DSS Scope? Use Tokenization

    Want to Limit PCI DSS Scope? Use Tokenization
  • HIPAA Audits: A Revised Game Plan

    More On-Site Audits Planned, But All Audits on Hold for Now

    HIPAA Audits: A Revised Game Plan
  • Draft NIST Special Publication 800-57 Part 3 Revision 1 - Recommendation for Key Management Part 3: Application-Specific Key Management Guidance

    NIST would like to request comments on a Draft Revision of Special Publication (SP) 800-57 Part 3, Recommendation for Key Management: Application-Specific Key Management Guidance.

    Draft NIST Special Publication 800-57 Part 3 Revision 1 - Recommendation for Key Management Part 3: Application-Specific Key Management Guidance
  • Adobe fixes critical Flash flaw

    Adobe released an emergency update for its Flash Player plugin for Windows, OS X and Linux to fix a zero-day vulnerability. The fix addresses CVE-2014-0497 a integer underflow vulnerability that can be used to achieve remote code execution. Adobe reports that the vulnerability has been in use in the wild, meaning attackers are already aware of the flaw and actively exploiting it.

    Adobe emphasizes that both Windows and OS X users should consider it priority 1, while Linux users can treat it as priority 3. This suggests the attacks they have seen may be targeting both Mac and Windows users.

    Flash Player is embedded into Google Chrome and Microsoft Internet Explorer 11 on Windows 8 and 8.1, so you will need to check for Chrome updates or Windows Updates for these browsers. If you are a Linux user Flash is usually distributed by your distribution's package manager where you normally receive updates.

    Security updates available for Adobe Flash Player
  • Cisco Releases Security Advisory

    Cisco has released a security advisory to address multiple vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR).

    Advisory ID: cisco-sa-20131030-asr1000
  • NIST Releases Preliminary Cybersecurity Framework

    The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) today released its Preliminary Cybersecurity Framework (PDF) to help critical infrastructure owners and operators reduce cybersecurity risks in industries such as power generation, transportation and telecommunications. In the coming days, NIST will open a 45-day public comment period on the Preliminary Framework and plans to release the official framework in February 2014, as called for in Executive Order 13636—Improving Critical Infrastructure Cybersecurity.

    NIST Releases Preliminary Cybersecurity Framework
  • CONTRACTORS ASK GSA TO FREEZE CYBER-RELATED REGULATIONS

    Federal suppliers are urging officials to stop computer security rulemakings for contractors until the government issues blanket cyber guidelines for all key industries in the fall.

    CONTRACTORS ASK GSA TO FREEZE CYBER-RELATED REGULATIONS
  • Google Concedes That Drive-by Prying Violated Privacy

    Google Concedes That Drive-by Prying Violated Privacy

    read more
  • SCADA & Security of Critical Infrastructures

    SCADA & Security of Critical Infrastructures

    read more
  • Protecting yourself from Social Engineering Attacks

    Protecting yourself from Social Engineering Attacks

    Learn more
  • HIPAA/HITECH Final Rule out this month....

    The long-awaited expansion of the Health Insurance Portability and Accountability Act of 1996, unveiled Thursday afternoon by the U.S. Department of Health & Human Services, comprises four final rules, according to HHS "which have been combined to reduce the impact and number of times certain compliance activities need to be undertaken by regulated entities."

    Learn More
  • Mobile Attacks Pose Increasing Threat

    Malware, Out-of-Band Compromises Get Banks' Attention

    Learn More
  • 94% of Hospitals Report Data Breaches

    94% of Hospitals Report Data Breaches

    Learn More
  • Feds Charge Collection Agency Worker in Identity Theft Scheme

    A federal grand jury returned indictments for a former debt collection agency employee and her accomplice in a scheme that saw her steal personal information on debtors to defraud the U.S. government, according to the Justice Department

    Learn More
  • NIST Special Publication 800-38F just released

    Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping

    Learn More
  • Obama issues insider threat guidance for gov't agencies

    The memo describes new standards, which have not been publicly released, to which the agencies must minimally adhere. They include best practices around gathering, analyzing and responding to threat data; monitoring users who access classified information and offering security awareness training to workers.

    Learn More