Archive for the ‘Information Security’ Category

Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists

Researchers in Israel created malware to draw attention to serious security weaknesses in medical imaging equipment and networks. Source: Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists Malware Analysis

Leave a Comment

Just Having A Security Product Doesn’t Make You Secure

Every day, big companies are still getting breached despite their security products. F-Secure’s Mikko Hypponen warns that companies that say ‘use our technology and you will not have a breach’ actually make it much harder for clients to think about and be ready for a breach. Source: Just Having A Security Product Doesn’t Make You […]

Leave a Comment

Google Says Upgrade To Windows 10 After Critical Flaws Found In Chrome And Windows 7

Hot on the heels of disclosing a critical zero-day vulnerability in Chrome that was being exploited in the wild by attackers, Google has now uncovered another critical zero-day that is being used alongside it to take over Windows machines. Source: Google Says Upgrade To Windows 10 After Critical Flaws Found In Chrome And Windows 7

Leave a Comment

Comcast security nightmare: default ‘0000’ PIN on everybody’s account

It didn’t require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customers… and phone hijackers. Source: Comcast security nightmare: default ‘0000’ PIN on everybody’s account Best Practice Information Security Enter your email address: Delivered by FeedBurner

Leave a Comment

Microsoft: Do these things now to protect your network | ZDNet

In its annual security intelligence report, Microsoft offers up its top tips for blocking out hackers. Source: Microsoft: Do these things now to protect your network | ZDNet Enter your email address: Delivered by FeedBurner

Leave a Comment

Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool

#InfoSecTools The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks Source: Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool

Leave a Comment

Windows 7 migration warning: Plan now to avoid security worries later | ZDNet

Malware can spread much more easily on obsolete platforms, warns security body. With less than a year until the end of Windows 7 support, don’t get caught out. Source: Windows 7 migration warning: Plan now to avoid security worries later | ZDNet Phishing Scam Subscribe to DISC InfoSec blog by Email

Leave a Comment

Center for Internet Security releases Microsoft 365 benchmarks

Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization. Source: Center for Internet Security releases Microsoft 365 benchmarks

Leave a Comment

Businesses can safely delay patching most vulnerabilities

Patching vulnerabilities is often seen as a key element of keeping systems secure. But a new report suggests businesses could be ‘smarter’ in their patching regimes and prioritize the i… Source: Businesses can safely delay patching most vulnerabilities 🔒 securing the business 🔒 DISC InfoSec  

Leave a Comment

US lawmakers introduce bill to fight cybersecurity workforce shortage

Report claims US public and private sectors had over 300,000 cybersecurity-related job openings between April 2017 and March 2018. By Catalin Cimpanu for Zero Day US lawmakers have introduced a bipartisan bill in the House of Representatives meant to address the cybersecurity workforce shortage crisis. The bill, named the Cyber Ready Workforce Act (H.R.6791), would establish a grant program within […]

Leave a Comment

NordVPN apps for iOS and macOS

Redesigned NordVPN apps for iOS and macOS are available now! NordVPN team has been on a mission “Make the app UX go WOW” for a while. As they want users to have smooth and hassle-free NordVPN experience, rethinking our app navigation from the ground up felt like the right thing to do. Tweak after tweak, […]

Comments (1)

4 reasons you should get a cyber security qualification

 Luke Irwin The dramatic rise in cyber attacks over the past few years has caught most businesses off guard. Their cyber security departments are severely understaffed, causing them to look desperately for qualified professionals to help tackle the threat. There has never been a better time to get into cyber security, so if you’re looking […]

Leave a Comment

Security in the Digital World

Cyberspace, the Internet, the digital world – call it what you will – is always developing. But so are the threats and risks that come with it. It doesn’t matter if you are working in the most mature enterprise environment, unemployed, retired, or still at school, whether you often have a smartphone in your hand […]

Leave a Comment

Information Security Certifications and Salaries

Is this a good time to be in the field of InfoSec, (ISC)2 report shows the skills shortage is getting worse.   Over the next five years, the number of unfilled cybersecurity jobs will rise to a whopping 1.8 million, a 20% increase from 2015 estimates, according to a new (ISC)2 survey released. Cybersecurity Faces 1.8 Million […]

Leave a Comment

Security Management and Governance

The textbook for the Open University’s postgraduate information security course. The recommended textbook for all IBITGQ ISO 27001 courses. Available in softcover or eBook format. Description Fully updated expert information security management and governance guidance based on the international standard for information security management, ISO 27001. As global threats to information security increase in frequency […]

Comments (1)

Top rated InfoSec books to broaden your horizon

There are plenty of good books out there, feel free to share your favorite InfoSec books in the comment section Cracking the Coding Interview Blue Team Field Manual (BTFM) (RTFM) The Art of Exploitation, 2nd Edition The Art of Invisibility Identity Theft by Ron Cantor Smalltalk Best Practice Patterns Cryptography Engineering: Design Principles and Practical Applications […]

Leave a Comment

The new CISO role: The softer side

  By Tracy Shumaker In order for CISOs to stay relevant in their field today, they must add communication and soft skills to their list of capabilities. Traditionally, their role has been to take charge of IT security. Now CISOs oversee cybersecurity and risk management systems. They must manage teams and get leadership approval in order […]

Leave a Comment

Information Security Expertise Bundle

If you’re just starting a new job in information security, you’ve just finished your university degree, or you’re looking for the next step in your career but not sure which direction to take, try this… Information Security Expertise Bundle Designed to help you develop your knowledge and understanding of key information security topics, this collection […]

Leave a Comment

25 Years of Information Security

Opening theme video from RSA Conference 2016 – #RSA2016 Observations from the 2016 RSA Conference Related articles Tripwire at RSA Conference 2016: Cyberwar @ the Endpoint PhoneBoy Speaks Ep 1063: Heading to RSA Conference 2016 Digital Equilibrium Project Looks to Balance Privacy, Security 2016: RSA Conference and The DomainTools Report RSA 2016: discover the security […]

Leave a Comment

RSA 2016 feature presentations and keynotes

Excellence in the Field of Mathematics The Cryptographers’ Panel Crypto 101: Encryption, Codebreaking, SSL and Bitcoin Beyond Encryption: Why We Can’t Come Together on Security and Privacy Peek into the Future: Symantec Ascending the Path to Better Security: Cisco Louder Than Words: Intel Security Trust in the Cloud in Tumultuous Times: Microsoft The (Inevitable?) Decline […]

Leave a Comment