DISC InfoSec blog

Creating A Cyber Secure Home – Infographic via SANS Institute  Subscribe in a reader

Researchers in Israel created malware to draw attention to serious security weaknesses in medical imaging equipment and networks. Source: Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists Malware Analysis

Every day, big companies are still getting breached despite their security products. F-Secure’s Mikko Hypponen warns that companies that say ‘use our technology and you will not have a breach’ actually make it much harder for clients to think about and be ready for a breach. Source: Just Having A Security Product Doesn’t Make You […]

Hot on the heels of disclosing a critical zero-day vulnerability in Chrome that was being exploited in the wild by attackers, Google has now uncovered another critical zero-day that is being used alongside it to take over Windows machines. Source: Google Says Upgrade To Windows 10 After Critical Flaws Found In Chrome And Windows 7

It didn’t require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customers… and phone hijackers. Source: Comcast security nightmare: default ‘0000’ PIN on everybody’s account Best Practice Information Security Enter your email address: Delivered by FeedBurner

In its annual security intelligence report, Microsoft offers up its top tips for blocking out hackers. Source: Microsoft: Do these things now to protect your network | ZDNet Enter your email address: Delivered by FeedBurner

#InfoSecTools The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks Source: Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool

Malware can spread much more easily on obsolete platforms, warns security body. With less than a year until the end of Windows 7 support, don’t get caught out. Source: Windows 7 migration warning: Plan now to avoid security worries later | ZDNet Phishing Scam Subscribe to DISC InfoSec blog by Email

Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization. Source: Center for Internet Security releases Microsoft 365 benchmarks

Patching vulnerabilities is often seen as a key element of keeping systems secure. But a new report suggests businesses could be ‘smarter’ in their patching regimes and prioritize the i… Source: Businesses can safely delay patching most vulnerabilities 🔒 securing the business 🔒 DISC InfoSec  

Report claims US public and private sectors had over 300,000 cybersecurity-related job openings between April 2017 and March 2018. By Catalin Cimpanu for Zero Day US lawmakers have introduced a bipartisan bill in the House of Representatives meant to address the cybersecurity workforce shortage crisis. The bill, named the Cyber Ready Workforce Act (H.R.6791), would establish a grant program within […]

 Luke Irwin The dramatic rise in cyber attacks over the past few years has caught most businesses off guard. Their cyber security departments are severely understaffed, causing them to look desperately for qualified professionals to help tackle the threat. There has never been a better time to get into cyber security, so if you’re looking […]

Cyberspace, the Internet, the digital world – call it what you will – is always developing. But so are the threats and risks that come with it. It doesn’t matter if you are working in the most mature enterprise environment, unemployed, retired, or still at school, whether you often have a smartphone in your hand […]

Is this a good time to be in the field of InfoSec, (ISC)2 report shows the skills shortage is getting worse.   Over the next five years, the number of unfilled cybersecurity jobs will rise to a whopping 1.8 million, a 20% increase from 2015 estimates, according to a new (ISC)2 survey released. Cybersecurity Faces 1.8 Million […]

The textbook for the Open University’s postgraduate information security course. The recommended textbook for all IBITGQ ISO 27001 courses. Available in softcover or eBook format. Description Fully updated expert information security management and governance guidance based on the international standard for information security management, ISO 27001. As global threats to information security increase in frequency […]

There are plenty of good books out there, feel free to share your favorite InfoSec books in the comment section Cracking the Coding Interview Blue Team Field Manual (BTFM) (RTFM) The Art of Exploitation, 2nd Edition The Art of Invisibility Identity Theft by Ron Cantor Smalltalk Best Practice Patterns Cryptography Engineering: Design Principles and Practical Applications […]

  By Tracy Shumaker In order for CISOs to stay relevant in their field today, they must add communication and soft skills to their list of capabilities. Traditionally, their role has been to take charge of IT security. Now CISOs oversee cybersecurity and risk management systems. They must manage teams and get leadership approval in order […]

If you’re just starting a new job in information security, you’ve just finished your university degree, or you’re looking for the next step in your career but not sure which direction to take, try this… Information Security Expertise Bundle Designed to help you develop your knowledge and understanding of key information security topics, this collection […]

Opening theme video from RSA Conference 2016 – #RSA2016 Observations from the 2016 RSA Conference Related articles Tripwire at RSA Conference 2016: Cyberwar @ the Endpoint PhoneBoy Speaks Ep 1063: Heading to RSA Conference 2016 Digital Equilibrium Project Looks to Balance Privacy, Security 2016: RSA Conference and The DomainTools Report RSA 2016: discover the security […]

Excellence in the Field of Mathematics The Cryptographers’ Panel Crypto 101: Encryption, Codebreaking, SSL and Bitcoin Beyond Encryption: Why We Can’t Come Together on Security and Privacy Peek into the Future: Symantec Ascending the Path to Better Security: Cisco Louder Than Words: Intel Security Trust in the Cloud in Tumultuous Times: Microsoft The (Inevitable?) Decline […]