BSI Standards Awards recognizes outstanding c... » BSI, the UK’s National Standards Body has officially recognized the outstanding contributions of its... Gartner names proofpoint a leader in 2014 Magic ... » London, UK: Proofpoint, Inc. has been positioned by Gartner, Inc. in the leaders quadrant of the 201... Tenable's Nessus v6 Eliminates cybersecurity blind... » COLUMBIA, Md./LONDON, UK: Tenable Network Security, Inc. has announced the release of Nessus® v6, re... New German heavy tanks bring serious firepower i... » Wargaming announced today the launch of the latest content update for its free-to-play console multi... Babcock to run Defence Support Group » The Ministry of Defence (MOD) has today announced the preferred bidder for the Defence Support Group... Free white paper explains how network access can... » London: According to the International Telecommunication Union (ITU), there are now as many mobile p... Kroll Ontrack published list of worst data disaste... » EPSOM: Kroll Ontrack announced its 12th annual list of the top 10 data disasters from 2014. For the ... UPnP Forum invites organizations to use UPnP+ Cert... » UPnP Forum has launched its UPnP+ Certification level for improved device and open source implementa... CNL Software to present PSIM at Teleste Video Su... » CNL Software will be participating in the Teleste Video Surveillance Summit in Dubai on December 7, ... ExtraHop integrates with FireEye to defend against... » LAS VEGAS, NV: ExtraHop has announced an integration of the ExtraHop wire data analytics platform wi...

CLICK HERE TO

 

pentestmag.com

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Useful Links

SIA Logo

Who's Online

We have 47 guests online

Bring Back Our Girls

A new ransomware, from the CryptoLocker family, is emerging - CoinVault. Please see below for comments from TK Keanini, CTO at Lancope and Fraser Kyne, principal systems engineer at Bromium.

Advanced, context-aware security helps combat cyber-attacks that bypass conventional defenses

LONDON (UK):  Lancope, Inc., has reminded retailers to remain vigilant with confidential data this holiday season. Last year, the weeks surrounding Thanksgiving were rife with high-profile attacks against retailers, including the largest retail hack in U.S. history. Due to the unusually high amount of financial transactions being made, days like Black Friday and Cyber Monday are extremely opportunistic for cyber criminals.

Research shows retailer sites hit by 48% of all web application attacks

LONDON, UK: Retailers are urged to be extra vigilant to cyber attacks following the results of a study from Imperva, Inc. which has found that 48% of all web application attack campaigns target retail applications, making the industry the most heavily targeted by cybercriminals.

From Craig Young, security researcher comments:

“Microsoft has released MS14-068 to describe a crypto failure within Microsoft’s Kerberos key distribution center (KDC) with the impact of allowing low-privileged domain users to gain administrative access to any computer in the domain including the domain controller.

BSI, the UK’s National Standards Body has officially recognized the outstanding contributions of its many committee members though the BSI Standards Awards. The exceptional contributions to standards making from the national and international arena includes committee members, chairmen, and those who have made a significant impact within a short time of being appointed.

In light of Microsoft’s release of the MS16-068 security patch, Gavin Millard, EMEA Technical Director, Tenable Network Security has given the following advice on what organisations should do next to remain secure:

Gartner analyst, Neil MacDonald, proposes that now is the time for companies to turn their focus from an incident response model of security to one that provides continuous response. MacDonald coins this as a Continuous Advanced Threat Protection approach to security. While most security professionals have come to grips with the fact that at some point they will fall victim to a compromise, the approach to security by and large still revolves around responding after something bad has occurred. Now this is by no means the fault of the security professional alone. The tools they have at their disposal, most of which offer a siloed view into their security posture, many times restrict their capabilities.

To truly make the shift towards MacDonald’s continuous response, security professionals need to evaluate tools and processes with a fresh set of eyes. Steve Salinas, Product Manager at Alert Logic, the leading provider of Security-as-a-Service for the cloud, has pulled together an article outlining the four things to consider when making this necessary shift in security approach.