Target’s multistate data breach settlement over its 2013 data breach outlines the kind of security measures enterprises should have in order to not be found negligent with customer data. The problem is, the settlement doesn’t go far enough to improve organizational security. For the pro-active CSO, the settlement should indicate the bare minimum and not what they should aspire to.
Fahmida Y. Rashid |
31 May |
Read more
It isn’t at WannaCry-crisis levels yet, but the fact that Samba is so widely used means a network worm can really have a field day exploiting this vulnerability.
Fahmida Y. Rashid |
26 May |
Read more
The latest campaigns are bigger, more sophisticated, and causing far more damage as the attackers learn new techniques and collaborate with other groups
Fahmida Y. Rashid |
26 Apr |
Read more
Data you thought you had deleted from the cloud can come back to haunt you. Get to know your provider’s data deletion policy
Fahmida Y. Rashid |
20 Apr |
Read more
The tools would let attackers remotely take over any Solaris system around the world
Fahmida Y. Rashid |
13 Apr |
Read more
Researchers found commonalities between tools used against Solaris 20 years ago and modern-day attacks deployed against Windows PCs
Fahmida Y. Rashid |
04 Apr |
Read more
Safeguard the software you develop from the start with these Jenkins plug-ins and integrations, which automate security testing
Fahmida Y. Rashid |
31 Mar |
Read more
New tools that protect enterprise applications running on Google Cloud Platform may help take the spotlight away from AWS and Microsoft Azure
Fahmida Y. Rashid |
10 Mar |
Read more
The internet has your number—among many other deets. Prevent identity theft and doxxing by erasing yourself from aggregator sites like Spokeo and PeekYou
Fahmida Y. Rashid |
23 Feb |
Read more
Look to these clever open source tools to keep secrets out of source code, identify malicious files, block malicious processes, and keep endpoints safe
Fahmida Y. Rashid |
21 Feb |
Read more
High-profile breaches are just the tip of the iceberg. Many have never been detected or disclosed--and without a major infrastructure changes it's only going to get worse
Fahmida Y. Rashid |
02 Feb |
Read more
Nmap 7.40 has new scripts that give IT administrators improved network mapping and port scanning capabilities
Fahmida Y. Rashid |
22 Dec |
Read more
Developers can use Project Wycheproof to test cryptographic algorithms against a library of known attacks to uncover potential weaknesses
Fahmida Y. Rashid |
20 Dec |
Read more
Attackers can exploit NTP to generate large volumes of junk traffic for distributed denial-of-service attacks. Update NTP to keep your servers out of the DDoS botnet
Fahmida Y. Rashid |
24 Nov |
Read more
Amazon Web Services is easy to work with -- but can easily compromise your environment with a single mistake
Fahmida Y. Rashid |
03 Nov |
Read more