IT Security and Compliance Blog Archive

Read news, developments and opinion pieces from years gone by on IT security and compliance from industry experts New Net Technologies.

ransomware defenses

Can you trust your users to resist the temptation offered by phishing emails? Probably not.

Security Magazine

Two new reports chart the increasing complexity and strength of DDoS attacks, which researchers say are now used in wider, more advanced cyber-attacks.

Anthem-Breach

A breach on a massive scale, used to steal tens of millions of personal identification information (PII) records. How did it happen and what can be learned?

Ransomware Website - RansomWeb attack anatomy - tips for Web Application protection

Ransomware attacks are on the increase as reported previously*, but it seems that the threat of a DDOS attack may not be the only extortion muscle being employed.

BBC News Technology

DDOS remains one of the most difficult attacks to defend against - by definition, the attack is perpetrated simultaneously from large numbers of devices including home and business users wherever a Trojan has been deployed. This makes the standard countermeasure for DDOS - blocking/blacklisting associated IP addresses - extremely hard.

News breaking today that a new batch of stolen card numbers made available for sale all have something in common – all have been used recently for Book2Park.com reservations. This makes it likely that this was the source of the card data theft.

Most mainstream Linux platforms, including Debian 7 (Wheezy), RHEL 6 & 7, CentOS 6 & 7, and Ubuntu 12.04, using versions of the GNU C Library (glibc) from 2.2 to before 2.18 are now known to be vulnerable to a buffer overflow attack.

The responsibility of managing and overseeing the cyber risk in an organization must sit at the executive level.

NERC CIP 5

Two newly discovered vulnerabilities have been classified with a maximum CVSS Score of 10 and users of Schneider Electric ETG3000 FactoryCast HMI Gateway should take immediate action to protect SCADA systems from attack.

Many firms still have a long way to go to manage the risks of a cyber attack, the latest government-backed cyber governance health check has revealed.

It has been said before, but if you need another marker to show just how marginalized anti-virus technology is becoming, research carried out by Lastline Labs really brings the message home.

Three new breaches reported this week show that the cyber security threat is relentlessly punishing organizations with security weaknesses, but what should other organizations do to prevent themselves falling victim to similar breaches?

Reported this week, 'Skeleton Key malware that bypasses AD Authentication'. So what do you need to know to protect your AD Servers from this and other attacks?

Retail Technology

Read New Net Technologies CTO Mark Kedgley’s letter to the editor in the latest issue of Retail Technology. 

United Airlines MileagePlus breach

Those enrolled in United Airlines' MileagePlus program should change their password as a precaution against hackers. It's a reminder that multiple uses of the same username and password combination may be storing up trouble for the future.

DDOS Extortion

Research from Avast has been published detailing the operation of the XOR.DDoS trojan, designed to infect Linux systems. Will 2015 be the year of DDOS Extortion?

The Drum

Moonpig, the personalized greetings card giant, has ceased transactions through its mobile apps after a concerned cyber-security expert exposed a site vulnerability which endangered the financial details of its 3.6 million customers.

Steel Mill shut down by hackers - NERC CIP

This cyber attack will immediately draw comparisons with the infamous Stuxnet attack but does it also mark a tipping point for all industries to take cyber security seriously?

PCI DSS V3 and file integrity monitoring - Cyber attacks on retailers becoming more targeted

Analysis on Retail Sector Attacks in 2014 reveals some worrying trends and raises questions as to whether the PCI DSS V3 has adapted enough to provide sufficient protection.

2014 - Year of the Breach - Lessons learned from recent breaches

A nice summary of security best practices in response to breach activity last year - not much new...
