Mar 03 2019

ISO27002 2013 ISMS Controls Gap Analysis Tool (Download)

Category: ISO 27kDISC @ 10:28 pm

ISO27002: 2013 compliant! This tool has a very specific, high-level purpose in any ISMS project, which is to quickly and clearly identify the controls and control areas in which an organization does not conform to the requirements of the standard.

Use this self-assessment tool to quickly and clearly identify the extent to which your organization has implemented the controls and addressed the control objectives in ISO 27002.

Special offer: Get two gap analysis tools for the price of one!

Complete your gap analysis with the ISO 27002:2013 ISMS Controls Gap Analysis Tool.

Buy the ISO 27001:2013 ISMS Gap Analysis Tool and get this tool for free!

Use the following code at the checkout when you buy the ISO 27001:2013 ISMS Gap Analysis Tool and the ISO 27002:2013 ISMS Controls Gap Analysis Tool will automatically be added to your shopping cart: B1G1GAP*


Mar 03 2019

Hacking with BeEf – Stealing Social Media Credentials

Category: Hacking,Web SecurityDISC @ 11:28 am

BeEF [Browser Exploitation Framework] is a penetration testing tool which focuses strongly on the web browsers. BeEF passes the hardened network perimeters.

Source: Hacking with BeEf – Stealing Social Media Credentials


Enter your email address:

Delivered by FeedBurner

Mar 02 2019

Cyber Defense Magazine – March 2019 has arrived. Enjoy it!

Category: cyber securityDISC @ 11:49 am

Cyber Defense Magazine October 2018 Edition has arrived. MARCH 2019 EDITION (RSA CONFERENCE PRINT EDITION & E-MAG COMING NEXT WEEK)

Source: Cyber Defense Magazine – March 2019 has arrived. Enjoy it!


Enter your email address:

Delivered by FeedBurner

Tags: cyber defense, cyber hacking

Mar 01 2019

How to set up a VPN

Category: VPNDISC @ 4:02 pm

Make sure you can surf safely

In a nutshell, a VPN establishes a secure, encrypted connection between your device and a private server, hiding your traffic from being seen by others. Of course, the VPN itself can still see your traffic, which is why you should choose a VPN from a company you trust. (A good rule of thumb is to avoid free VPNs, because if they’re not charging you a fee, they may be monetizing in some less desirable way.) In addition, law enforcement can get its hands on your information through the VPN company. However, for the most part, a VPN offers you a way to hide your online activity from others.

Source: How to set up a VPN

 

  • NordVPN apps for iOS and macOS

  • How to connect your phone to a VPN



    • Enter your email address:

    Delivered by FeedBurner

    Mar 01 2019

    Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*

    Category: Hacking,Security patchingDISC @ 3:18 pm

    RV110W, RV130W, RV215W need patching to close remote hijacking bug

    Source: Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*


    Enter your email address:

    Delivered by FeedBurner

    Mar 01 2019

    What is a botnet? And why they aren’t going away anytime soon

    Category: BotnetDISC @ 11:23 am

    A botnet is a collection of any type of internet-connected device that an attacker has compromised. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their collective computing power to send large volumes of spam, steal credentials at scale, or spy on people and organizations.

    Source: What is a botnet? And why they aren’t going away anytime soon


    Enter your email address:

    Delivered by FeedBurner

    Feb 28 2019

    Cisco WebEx Meetings affected by a new elevation of privilege flaw

    Category: App SecurityDISC @ 2:10 pm

    A vulnerability in the update service of the Cisco Webex Meetings Desktop App for Windows could allow elevation of privilege

    Source: Cisco WebEx Meetings affected by a new elevation of privilege flaw


    Enter your email address:

    Delivered by FeedBurner

    Feb 28 2019

    Microsoft: Do these things now to protect your network | ZDNet

    Category: Information SecurityDISC @ 10:08 am


    In its annual security intelligence report, Microsoft offers up its top tips for blocking out hackers.

    Source: Microsoft: Do these things now to protect your network | ZDNet


    Enter your email address:

    Delivered by FeedBurner

    Feb 27 2019

    Thunderclap flaws allow hacking most of modern computers

    Category: HackingDISC @ 12:41 pm

    Researchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacks

    Source: Thunderclap flaws allow hacking most of modern computers


    Feb 26 2019

    Senators want Huawei equipment removed from US power grid because of security concerns

    Category: Cyber War,HackingDISC @ 12:21 pm

    Huawei may well be causing excitement with its foldable smartphone, the Mate X, but the company’s troubles in the US continue. The American government has already banned the use of some Huawe…

    Source: Senators want Huawei equipment removed from US power grid because of security concerns


    Feb 26 2019

    Beef : The Browser Exploitation Framework Project

    Category: Hacking,Web SecurityDISC @ 12:02 pm

    BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.Amid growing concerns about web-borne

    Source: Beef : The Browser Exploitation Framework Project


    Feb 25 2019

    New browser attack lets hackers run bad code even after users leave a web page | ZDNet

    Category: Web SecurityDISC @ 6:37 pm

    MarioNet attack lets hackers create botnets from users’ browsers.

    Source: New browser attack lets hackers run bad code even after users leave a web page | ZDNet


    Feb 25 2019

    Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials

    Category: IoT SecurityDISC @ 5:16 pm

    40.8% of smart homes have at least one device vulnerable to remote attacks, a third of them being vulnerable because of outdated software with unpatched security issues, while more than two-thirds are exposed by weak credentials.

    Source: Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials


    Feb 22 2019

    Discovery of cameras built into airlines’ seats sparks privacy concerns

    Category: Information PrivacyDISC @ 10:50 am

    A viral tweet prompted closer scrutiny.

    Source: Discovery of cameras built into airlines’ seats sparks privacy concerns

     

     


    Tags: PHI, PII, privacy concerns

    Feb 21 2019

    A Tale of Epic Extortions – How Cybercriminals Monetize Our Online Exposure

    Category: CybercrimeDISC @ 3:59 pm

    Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.

    Source: A Tale of Epic Extortions – How Cybercriminals Monetize Our Online Exposure


    Feb 20 2019

    A Deep Dive on the Recent Widespread DNS Hijacking Attacks

    Category: DNS AttacksDISC @ 5:24 pm

    The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

  • Source: A Deep Dive on the Recent Widespread DNS Hijacking Attacks


    • Feb 20 2019

    Phishers’ new trick for bypassing email URL filters – Help Net Security

    Category: Email SecurityDISC @ 10:34 am

    Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services.

    Source: Phishers’ new trick for bypassing email URL filters – Help Net Security


    Feb 19 2019

    #TaxScam

    Category: Security AwarenessDISC @ 6:16 pm

    It’s tax season, and with it comes Tax Scams. Stay Cyber Aware and Cyber Safe.

    “Thousands of people have lost millions of dollars and their personal information to tax scams. Scammers use the regular mail, telephone, or email to set up individuals, businesses, payroll and tax professionals.

    The IRS doesn’t initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. Recognize the telltale signs of a scam.” See also: How to know it’s really the IRS calling or knocking on your door

    [pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/02/TaxScam-1.pdf” title=”TaxScam”]

     

     


    Tags: tax fraud, tax scam

    Feb 19 2019

    Travel Back to 1990 With the Original World Wide Web Browser

    Category: Web SecurityDISC @ 3:02 pm

    The World Wide Web turns 30 this year, and to celebrate three decades of utter chaos and brilliance, CERN developers and designers have created a version of the original WorldWideWeb browser that can run inside a modern browser. What, you wonder, is it like to surf the original web? Well, give it a try here. It’s kind of a pain!

    Source: Travel Back to 1990 With the Original World Wide Web Browser


    Feb 18 2019

    Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July

    Category: Security patchingDISC @ 6:43 pm

    Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019.

    Source: Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July


    « Previous PageNext Page »