Global maritime security market to grow to $20.87 ... » The recent report by Markets and Markets reveals that in the next five years the maritime security m... Brainloop solves “Dropbox Dilemma” facing UK busin... » London: Brainloop has launched its portfolio of simple, secure, collaboration tools into the UK to a... New Google web app security scanner + 95% of XSS w... » In light of Google's announcement about releasing an open source tool for testing web app security s... Datum Datacentres builds on its success » Datum Datacentres, the Farnborough-based business-critical co-location data centre provider, is deli... Olive Communications' Safetybank wins SaaS Produ... » Olive Communications' digital safety management platform, Safetybank, was recognised as the SaaS (So... BSI Standards Awards recognizes outstanding c... » BSI, the UK’s National Standards Body has officially recognized the outstanding contributions of its... Gartner names proofpoint a leader in 2014 Magic ... » London, UK: Proofpoint, Inc. has been positioned by Gartner, Inc. in the leaders quadrant of the 201... Tenable's Nessus v6 Eliminates cybersecurity blind... » COLUMBIA, Md./LONDON, UK: Tenable Network Security, Inc. has announced the release of Nessus® v6, re... New German heavy tanks bring serious firepower i... » Wargaming announced today the launch of the latest content update for its free-to-play console multi... Babcock to run Defence Support Group » The Ministry of Defence (MOD) has today announced the preferred bidder for the Defence Support Group...

CLICK HERE TO

 

pentestmag.com

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Useful Links

SIA Logo

Who's Online

We have 39 guests online

Bring Back Our Girls

Research shows retailer sites hit by 48% of all web application attacks

LONDON, UK: Retailers are urged to be extra vigilant to cyber attacks following the results of a study from Imperva, Inc. which has found that 48% of all web application attack campaigns target retail applications, making the industry the most heavily targeted by cybercriminals.

From Craig Young, security researcher comments:

“Microsoft has released MS14-068 to describe a crypto failure within Microsoft’s Kerberos key distribution center (KDC) with the impact of allowing low-privileged domain users to gain administrative access to any computer in the domain including the domain controller.

In light of Microsoft’s release of the MS16-068 security patch, Gavin Millard, EMEA Technical Director, Tenable Network Security has given the following advice on what organisations should do next to remain secure:

BSI, the UK’s National Standards Body has officially recognized the outstanding contributions of its many committee members though the BSI Standards Awards. The exceptional contributions to standards making from the national and international arena includes committee members, chairmen, and those who have made a significant impact within a short time of being appointed.

Many companies use Microsoft Remote Desktop Web (RD Web) in order to manage their access to server resources. Two-factor authentication (2FA) is recommended to secure this access. This usually consists of the conventional username and password components plus an additional passcode component. However, there has recently been an increase in cases of third parties obtaining access to web applications in RD Web environments without needing to enter the additional passcode. How have the third parties been able to get past the usually highly secure 2FA and how should RD Web users protect themselves in the future?

Gartner analyst, Neil MacDonald, proposes that now is the time for companies to turn their focus from an incident response model of security to one that provides continuous response. MacDonald coins this as a Continuous Advanced Threat Protection approach to security. While most security professionals have come to grips with the fact that at some point they will fall victim to a compromise, the approach to security by and large still revolves around responding after something bad has occurred. Now this is by no means the fault of the security professional alone. The tools they have at their disposal, most of which offer a siloed view into their security posture, many times restrict their capabilities.

To truly make the shift towards MacDonald’s continuous response, security professionals need to evaluate tools and processes with a fresh set of eyes. Steve Salinas, Product Manager at Alert Logic, the leading provider of Security-as-a-Service for the cloud, has pulled together an article outlining the four things to consider when making this necessary shift in security approach.

London, UK: Proofpoint, Inc. has been positioned by Gartner, Inc. in the leaders quadrant of the 2014 Magic Quadrant for Enterprise Information Archiving. The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.