Scenes from SAS 2012: At Kaspersky Lab’s Security Analyst Summit last week, over 100 researchers and law enforcement officials converged in Cancun, Mexico over the course of five days to network and discuss a veritable cornucopia of security topics. Topics such as privacy, SCADA and PLC security, tracking cybercriminals and the evolution of malware were discussed in depth.
Browsing Category: Compliance
Security researchers made good on a promise to release new exploits for programmable logic controllers (PLCs). The exploits include one targeting a flaw in the implementation of the EtherNet/IP (Industrial Protocol) used in many IP-enabled PLCs. The security hole, if left unaddressed, could enable a remote attacker to crash or unexpectedly reboot the devices, which are critical components of almost every industrial and critical infrastructure installation.
Threatpost editor Paul Roberts talks with Adobe’s Senior Director of Product Security and Privacy, Brad Arkin, on patch management, driving up the cost of exploits and the amount of manpower that goes into recovering from zero days.
The European Union (EU) is preparing to propose new rules that will require companies to disclose data breaches within 24 hours, according to reports.
The ongoing controversy surrounding the SOPA and PIPA anti-piracy bills in Congress has produced a lot of things: misunderstanding of what the bills would do; silly rhetoric from trade groups supposedly defending content creators; confusion on Capitol Hill; and a clear demonstration of how insulated and uninformed many citizens are. But perhaps the worst thing to come out of all of this is the almost comical picture it paints of Congress and its complete lack of understanding of the Internet and its role in society, business and freedom.
Banks will have to continue to upgrade their fraud protection controls, especially in the face of new and evolving attacks exclusively designed to evade them, researchers now say.
The latest edition of the World Economic Forum’s Global Risks Report takes a dim view of our hyperconnected world. At the group’s annual meeting in Davos, Switzerland, members wrestled with the consequences of ubiquitous Internet connectivity, concluding that groups or individuals with few resources are capable of launching attacks with devastating consequences for both commercial and geopolitical powers.
Major banks like Morgan Stanley, Goldman Sachs Group and Bank of America are putting together plans to help identify new security threats before they happen, according to a report from the Wall Street Journal this week.
As companies begin submitting their regulatory filings and financial reports from 2011, the SEC is pushing for more comprehensive data breach, cyber attack, and general risk-assessment disclosures.