First Target and Neiman Marcus, now Sally Beauty. This seems an appropriate time to address not only how to recover from a security breach – but more importantly how to prevent future attacks and regain...
Things have kicked off with a force at Mobile World Congress 2014 in beautiful Barcelona, Spain, where several industries focusing on mobile technologies will come together to share the latest digital and social innovations.
On February 19, Microsoft released Security Advisory (2934088) for Microsoft Internet Explorer. This vulnerability was previously reported, by 3rd parties, during the 2nd week of February 2014. In-the-wild exploitation has been observed (at least) back to early January 2014. Specifically, the flaw is a use-after-free condition during Internet Explorer’s processing of specific CMarkup objects. We […]
Most malware is created for economic purposes. To name just a few of our reports and blogs on this topic, we have written about Cybercrime Exposed, stolen data, and the Target point-of-sale malware. But sometimes it’s not clear to our customers how much time and skill malware authors invest in their tools. A recent case […]
On February 4, Adobe released an out-of-band update for Adobe Flash Player. The update addresses a critical remote code execution vulnerability that is being actively exploited in the wild. The update applies to Windows, Mac OS X, and Linux. We are currently analyzing details and indicators. Watch this space for updates, indicators, and more information […]
Some would say that if encryption isn’t becoming ubiquitous, then it should be! Data breaches are in the news nearly every day now. Last week it was reported that in 2013, payment card data breaches jumped 5-fold, representing around 740M records exposed. Deploying encryption on a broad basis would at least help to reduce the […]
Anyone with the responsibilities around server, infrastructure or computing knows to request, demand and expect 99.999% availability or refer to it as five 9s. So why isn’t there a default expectation to server security whether it’s sitting in a data closet, delivered as IaaS or in the near future instrumented as an element as part […]