A web presence is mandatory for all but the smallest businesses. Yet at the same time web sites are the biggest and one of the easiest targets for hackers: they are notoriously fraught with vulnerabilities. Information Week and Dark Reading offer a few strategies to help you deal with this dilemma.
via https://www.cmo.com.au/mediareleases/17977/web-app-security-not-rocket-science/
Evolution of Attackers-for-Hire
The emergence of attackers-for-hire is a troubling trend in cybercrime, and one particular group is changing its techniques to gain access to computer systems, says Symantec researcher Kevin Haley.
via https://www.bankinfosecurity.com/evolution-attackers-for-hire-a-6252/op-1
Enterprise Risk Management – Benefits
At what level should ERM be integrated with business processes? This is a dilemma that many organizations face when implementing ERM.
Banks to choose between EMV & Aadhaar
RBI issued a circular on 26 November 2013 regarding the security of card-present transactions. Banks may now decide whether to use EMV chip and PIN technology or Aadhaar cards as an additional factor of authentication for securing card-present transactions.
ISO 27001:2013 vs 27001:2005
ISO 27001 is a specification for an information security management system (ISMS). Organisations which meet the standard may be accredited by an independent accreditor. ISO 27001:2013 is a new standard that was published on 25 September 2013.
Here is a short FAQ on the new standard.
Facebook Requiring Password Resets in Adobe Aftermath
The tentacles of the massive Adobe breach, called one of the worst in U.S. history by one security expert, have reached Facebook users, specifically those who used the same email and password combination for the social network as well as Adobe.
via https://threatpost.com/facebook-requiring-password-resets-in-adobe-aftermath/102918
Cupid Media Hack Exposed 42M Passwords
An intrusion at online dating service Cupid Media earlier this year exposed more than 42 million consumer records, including names, email addresses, unencrypted passwords and birthdays, according to information obtained by KrebsOnSecurity.
Some Critical Success Factors for a Business Continuity Initiative
Business continuity initiatives should be able to meet management and customer expectations in case of a disaster. Here are some pointers to help you towards that goal:
Android Banking Trojan Svpeng Goes Phishing
Kaspersky Lab researchers say the Android banking Trojan Svpeng now has phishing capabilities and may be testing the waters to infect devices outside of Russia.
via https://threatpost.com/android-banking-trojan-svpeng-goes-phishing/102822
Another Master Key vulnerability discovered in Android 4.3
via https://thehackernews.com/2013/11/another-master-key-vulnerability.html