Loading...

Follow Tripwire - The State of Security on Feedspot

Continue with Google
Continue with Facebook
or

Valid

Due to popular demand, my women in information security interview series is back for autumn! This marks the second anniversary since I started. Some of my subjects in this round have been waiting since last spring, so getting to chat with them has been long overdue. Let’s start with Sharka, a penetration tester who is […]… Read More

The post Women in Information Security: Sharka appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an […]… Read More

The post The MITRE ATT&CK Framework: Exfiltration appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Two former employees of Wendy’s reportedly filed a lawsuit accusing the fast food restaurant chain of breaking the law in the way it collects and stores employees’ fingerprints. According to ZDNet, former Wendy’s employees Martinique Owens and Amelia Garcia submitted the lawsuit to a Cook County court on 11 September. A copy of the complaint […]… Read More

The post Wendy’s Reportedly Sued Over Collection of Employees’ Fingerprints appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Digital attackers have a history of targeting public sector organizations. For its 2018 Data Breach Investigations Report (DBIR), Verizon Enterprise tracked 22,788 security incidents that affected the public sector. Data disclosure occurred in 304 of those events; digital espionage via phishing or the use of a backdoor served as the most common pattern. Those techniques […]… Read More

The post 5 Notable Security Incidents that Recently Affected Federal Entities appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

It is a common trend now to see most of the organizations opting for the cloud. Growing business demands, competition and the growth of Software-as-a-Service (SaaS) have helped propel this trend. While everything looks smart in the cloud, what about security? Does that look smart, too? Now that organizations use different kinds of cloud environments, […]… Read More

The post Cloud Security: A Cloud Provider-User Partnership appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

A Romanian citizen has pleaded guilty to federal charges resulting from a ransomware attack that targeted a police department. On 20 September, Eveline Cismaru, 28, pleaded guilty before the Honorable Dabney L. Friedrich in the District of Columbia to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer […]… Read More

The post Romanian Citizen Admits Guilt in Police Department Ransomware Attack appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The ability to feed key security information onto a big screen dashboard opens up many new opportunities for managing the day-to-day security and maintenance workload as well as providing a useful method of highlighting new incidents faster than “just another email alert.” Most Security Operation Centres I’ve visited in recent years have embraced having a […]… Read More

The post Is Your Security Dashboard Ready for the Cloud? appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

If you’re in your 40s or 50s, you probably remember a TV series called The Twilight Zone. (Millennials, think Netflix’s Black Mirror.) Every show was its own stand-alone story that took viewers into an alternate reality where things got weird in a hurry followed by twists and turns culminating in a surprise ending. These types […]… Read More

The post Entering the Twilight Zone: Adventures in the Security Leader Search appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The Information Commissioner’s Office (ICO) of the United Kingdom announced it will fine Equifax £500,000 for a data breach that occurred in 2017. In a monetary penalty notice filed on 19 September, the ICO revealed its decision to impose the maximum fine specified in section 55A of the Data Protection Act 1998 on Equifax. The […]… Read More

The post ICO to Fine Equifax £500,000 for 2017 Data Breach appeared first on The State of Security.

Read Full Article
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The IRS 1075 publication lays out a framework of compliance regulations to ensure federal tax information, or FTI, is treated with adequate security provisioning to protect its confidentiality. This may sound simple enough but IRS 1075 puts forth a complex set of managerial, operational and technical security controls you must continuously follow in order to […]… Read More

The post Computer System Security Requirements for IRS 1075: What You Need to Know appeared first on The State of Security.

Read Full Article

Read for later

Articles marked as Favorite are saved for later viewing.
close
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Separate tags by commas
To access this feature, please upgrade your account.
Start your free month
Free Preview