A selection of this week’s more interesting vulnerability disclosures and cyber security news. A pretty energetic week for a change. Varied and unexpected breaches as is the norm, though a few new items of note. The first is a little worrying, and really hopefully (at least for the public) won’t set a precedent: Penalising those that can’t make use of good password best practice.

Information leakage of threat intelligence, incident data, and status data can have several legal consequences for organizations. Information leakage can occur due to the misconduct of disgruntled employees or results in by virtue of a nefarious cyber-attack. The underlying sections will take a deep dive into two different scenarios—namely, The Trauma of IP Address Leakage and The Menace of Product Vulnerability Leakage.

The phrase Threat Intelligence has slowly gained significance in the information security community and their discussions. With the decision makers considering it as a high priority requirement, vendors have launched an array of products which are indeed confusing for an executive with the managerial background. This is an introductory post in our series of detailed discussion on threat intelligence.

Malware analysis allows the analyst to see what actions are taken and allows us to use those actions to build a profile that can be used to detect and block further infections and find related infections.

In the Godfather Part II, Michael Corleone says, “There are many things my father taught me here in this room. He taught me: keep your friends close, but your enemies closer.” This lesson Vito Corleone taught his son Michael is just as applicable to IT security configuration management (SCM).