February 2013 Issue of SCMagazine
I was dismayed and disturbed by the suicide of Aaron Swartz, which only added to well-rooted revulsion for the relentlessness of legal actions against him.
This month's news briefs include bits on Android, spammers, breach penalties, crime networks, hacktivism and more.
The latest personnel announcements and M&A activity from the likes of Lancope, SafeNet, BeyondTrust, Blue Coat Systems and more.
Threat of the month
IE exploits, a zero-day vulnerability that affects various Internet Explorer versions, are February's "Threat of the month."
2 minutes on
Over the next two years, cyber security will join the shortlist of hot-button agenda items set for debate and discussion in Congress.
Skills in Demand
The increase of systems automation and monitoring within manufacturing companies has led to increased demand for certified automation systems professionals.
Me and my job
This month's "Me and my job" features the University of Connecticut's senior network technician, Mike Lang.
This month's debate covers Hacktivist group Anonymous. Will they take a backseat to more extremist groups in 2013?
The data center business model must evolve with cloud's demands, says NJVC's Kevin Jackson.
The ever-changing nature of malware generates anomalous network behavior that can be detected by leveraging large corpuses of data collected from multiple observation points.
This phenomenon sees applications designed for consumers - such as Dropbox, Skype, Google Apps, WordPress, GoToMyPC - finding their way into the corporate tool box.
A more substantial enterprise mobility framework can be conceived with a combination of NAC, MDM and MAM based on organizational requirements.
The NBA's New Orleans Hornets needed to provide its off-the-court, but highly mobile staff with a secure method for communicating. It found an enterprise remote ...
The United States has established itself as a major force in a new era of combat, but what repercussions do state-sponsored actions in cyber space ...
PayPal's Andy Steingruebl knows security is not an insular task. By looking outside of its own walls, the company has taken the fight to the ...
Results from our sixth-annual data breach survey are out next month, but here's a sampling of what's to come from our study of budgets, hiring ...
Despite the ubiquity of the Trusted Platform Module, holdups exist and adoption remains slow. Among them are issues with interoperability, considering Apple, Google and Microsoft ...
The two big areas of growth in this year's vulnerability assessment products were cloud-based assessments and increased automation and templates.
Group Test 1
The Retina CS from BeyondTrust offers up quite a few strong features for vulnerability management throughout the enterprise.
We found this version of Core Impact Professional to contain more automation, more wizards and more options than previous versions we have tested.
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS ...
This product brings together vulnerability scanning, remediation and patch management, and network and software auditing all under one easy-to-use product.
Internal Scan - Cloud edition from netVigilance offers a full cloud-based vulnerability scanning engine that can scan both internal and external systems for vulnerabilities and ...
The QualysGuard Vulnerability Management (VM) solution provides automated auditing and vulnerability management for small to large enterprises.
Nexpose assists clients through the entire vulnerability management lifecycle – from discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation.
From the same graphical user interface, SAINT provides an integrated solution for vulnerability scanning, configuration compliance testing, penetration testing, canned reporting and custom report creation.
The Secunia VIM is a real-time vulnerability intelligence and management tool, providing organizations with the necessary information required to analyze vulnerabilities in their IT infrastructure, ...
Tenable SecurityCenter Continuous View (SC-CV) provides real-time vulnerability management, capturing security and compliance risks introduced by mobile, cloud and virtual infrastructure.
Security Manager Plus (Professional Edition) is a network security scanner that proactively reports on network vulnerabilities and helps to remediate them and ensure compliance.
The secret behind the MetaFlows Security System (MSS) is that it really is a hybrid application.
Security pros should be less secretive, says New York City CISO Dan Srebnick.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- 185M incidents bypassed perimeter defenses - report
- Education sector bullied by ransomware and can barely defend itself, report
- IoT assault, connected devices increasingly used for DDoS attacks
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- End-of-support devices on networks weakening cyberdefenses, report
- Android.Lockerscreen using pseudorandom passcodes to ensure payouts
- FBI investigating hacked mobile phones of Democratic officials
- 70% of IDTMs want UK gov to do more so young people enter tech field
- 69% of office professionals in the UK hoard data