%term

Weekly Cyber Security News 16/11/2018

Nov 16, 2018 By Kevin In ionCube24

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Quite an interesting stream of news this week, however, my choices this week focus on threat management. The first one, and its quite alarming and not at all funny, shows an example of someone didn’t accept reasonable proof of account ownership for a password reset – something many of us face with public websites.

Read Post

ionCube24

Read more about Weekly Cyber Security News 16/11/2018

Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Nov 15, 2018 By Rich Langston In AT&T Cybersecurity

Recently, an AlienVault customer reached out to ask how AlienVault handles the detection of zero-day attacks, which are exploits against previously unknown vulnerabilities. In this blog, I shed light on how we approach this.

Read Post

AT&T Cybersecurity

Read more about Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Demo - Continuous security assessment for AWS

Nov 15, 2018 By Netskope In Netskope

Netskope’s Continuous Security Assessment for AWS helps address the risk tied to misconfigurations that may lead to resources being inadvertently exposed to the internet. Netskope achieves this by continuously monitoring and auditing your AWS configuration, using the CIS benchmark, PCI-DSS, in addition to AWS best practices, to assess your compliance posture.

View Video

Netskope

Read more about Demo - Continuous security assessment for AWS

Demo - Insider threat protection for AWS S3

Nov 15, 2018 By Netskope In Netskope

Learn more about Netskope for IaaS at netskope.com

View Video

Netskope

Read more about Demo - Insider threat protection for AWS S3

The Art and Science of Secure Coding: Key Practices that Stand Out

Nov 15, 2018 By Tripwire Guest Authors In Tripwire

Flaws in code lines, file system and data input methods make up the core security vulnerability of any application. This is what we address through secure coding practices. Secure coding guidelines stand out as the last battling army before the enemy line of security risks and threats.

Read Post

Tripwire

Read more about The Art and Science of Secure Coding: Key Practices that Stand Out

Top 10 PCI DSS Compliance Pitfalls

Nov 14, 2018 By Sanjay Ramnath In AT&T Cybersecurity

Despite the fact that PCI DSS has been in effect for over a decade, and most merchants are achieving compliance, some of the world’s largest retailers have been hit by to data breaches. The sad truth is that achieving compliance doesn’t guarantee data protection, even for large organizations. For example, more than five million credit card numbers were stolen in 2018 hacks of two major retailers.

Read Post

AT&T Cybersecurity

Read more about Top 10 PCI DSS Compliance Pitfalls

Getting started with Detectify

Nov 13, 2018 By Detectify In Detectify

Detectify is an automated vulnerability scanner that helps you stay on top of threats by testing your web application for 1000+ vulnerabilities. Getting started with Detectify is easy - you can get up and running in a matter of minutes.

View Video

Detectify

Read more about Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Nov 13, 2018 By Detectify In Detectify

A recent vulnerability was sent in to Detectify Crowdsource regarding an unauthenticated remote code execution (RCE) in Oracle WebLogic Server. It is easily exploited and this video shows the proof of concept.

View Video

Detectify

Read more about Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Case Study: ionCube Encoder on BitBucket

Nov 13, 2018 By Kevin In ionCube24

Working with a wide variety of customers and technologies often brings interesting challenges and stories that usually end up buried in a support ticket never to see the light of day again. However, after a curious ticket regarding integration of our product into a BitBucket pipeline, we asked WeTek if they would like to contribute an article about this particular problem. Well, here it is, a great article highlighting the subtleties that can trip us up!

Read Post

ionCube24

Read more about Case Study: ionCube Encoder on BitBucket

Why do we need automation in Security? - An Introduction to SOAR

Nov 13, 2018 By Raj Pagariya In Logsign

Pick up any industry and you will realize that every one has gone through an evolution – from being entirely dependent on humans to being now run majorly by machines and automated processes. There comes a point, for every industry, where in order to function efficiently and effectively operate, automation becomes a necessity.

Read Post

Logsign

Read more about Why do we need automation in Security? - An Introduction to SOAR

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Weekly Cyber Security News 16/11/2018

Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Demo - Continuous security assessment for AWS

Demo - Insider threat protection for AWS S3

The Art and Science of Secure Coding: Key Practices that Stand Out

Top 10 PCI DSS Compliance Pitfalls

Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Case Study: ionCube Encoder on BitBucket

Why do we need automation in Security? - An Introduction to SOAR

Monthly Archive

Follow Us