Posted by Trevan Marden on Apr 23, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• When you go to a security conference, and its mobile app leaks your data - Ars Technica
• UK Teen Who Hacked CIA Chief Gets Two-Year Prison Term - Security Week
• The Role of KPIs in Incident Response - DarkReading

Posted by Trevan Marden on Apr 20, 2018

If you are thinking of buying a managed detection and response (MDR) service, then you already know how these services can help your organization achieve security and compliance while reducing costs. These services can help by extending your team and offloading certain tasks related to security monitoring to a third-party, freeing up your team to better focus their efforts. But do you know what to look for in managed detection and response vendors? What sets some providers apart from others? Here are four important items to consider when buying an MDR:

Posted by Trevan Marden on Apr 20, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• PCI Council releases vastly expanded cards-in-clouds guidance  - The Register
• Two incident response phases most organizations get wrong - CSO
• Facebook moves to shrink its legal liabilities under GDPR - TechCrunch

Posted by Trevan Marden on Apr 19, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• TaskRabbit CEO posts statement as its app returns following a cybersecurity breach - TechCrunch
• U.S. UK Government Say Russia Increasing Infrastructure Attacks - eWeek
• A Sobering Look at Fake Online Reviews - Krebs on Security

Posted by Trevan Marden on Apr 18, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Nation state hackers attempted to use Equifax vulnerability against DoD, NSA official says - CyberScoop
• DHS Secretary Says U.S. Will Respond to Nation-State Cyber-Attacks - eWeek
• Prosecutors hand over terabytes of evidence in case against Russian charged with LinkedIn breach - CyberScoop
• Facebook Admits to Tracking Non-Users Across the Internet - SecurityWeek

Posted by Joseph Murphy on Apr 17, 2018

If you watched Zuck testify in Congress in early April 2018, you could feel the nation’s mindset around security and data privacy shifting in a positive direction. The people not in the security community learned that even when they think they’re protecting their data, they’re not. They might be asking themselves, what can I do to protect my data online? Delete my Facebook? Throw my cell phone into the abyss? Close my bank account? Then, you realize, we’d be lost without these life lines.

Posted by Trevan Marden on Apr 17, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Intel, Microsoft to use GPU to scan memory for malware - Ars Technica
• Windows 10 will soon get passwordless logins with Yubico’s Security Key - TechCrunch
• To Patch Or Not To Patch? Surprisingly, That Is The Question - Forbes
• Ransomware, healthcare and incident response: Lessons from the Allscripts attack - CSO

Posted by Miguel De Los Santos on Apr 16, 2018

In this blog post, we will cover the vulnerability scan requirements for Payment Card Industry Data Security Standard (PCI DSS). The adoption of these requirements helps ensure that your environment is not only compliant with PCI regulations, but also meets best security practices. This vulnerability data can also help provide a deeper understanding of your environment and where time and attention needs to be spent.

Posted by Trevan Marden on Apr 16, 2018

Grab your coffee and read up on today's top information security stories and articles from around the web:

• Former Airline Database Administrator Sentenced for Hacking Reservation System - Dark Reading
• Analysis: Verizon's Breach Report 2018 - Bank Info Security
• Severe Flaws Expose Moxa Industrial Routers to Attacks - Security Week
• Email Breach at Oxygen Equipment Maker Affects 30,000 - Healthcare Info Security

Posted by Trevan Marden on Apr 13, 2018

Cyber attacks are waged against organizations of all sizes and industries. It is more critical than ever that these organizations find ways to effectively detect and mitigate threats. For organizations looking to build out their threat detection capabilities and avoid disaster, here are 5 steps to effective threat detection: