Loading...
You are here:  Home  >  News

News

RSS We Live Secruity

  • Week in security with Tony Anscombe July 19, 2019
    ESET researchers release new findings about malware linked to the Ke3chang APT group, including details about Okrum, a previously unreported backdoor The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
    Tomáš Foltýn
  • With FaceApp in the spotlight, new scams emerge July 19, 2019
    ESET researchers discover fraudulent schemes piggybacking on the popularity of the face-modifying tool FaceApp, using a fake “Pro” version of the application as a lure The post With FaceApp in the spotlight, new scams emerge appeared first on WeLiveSecurity
    Lukas Stefanko
  • Okrum: Ke3chang group targets diplomatic missions July 18, 2019
    Tracking the malicious activities of the elusive Ke3chang APT group, ESET researchers have discovered new versions of malware families linked to the group, and a previously unreported backdoor The post Okrum: Ke3chang group targets diplomatic missions appeared first on WeLiveSecurity
    Zuzana Hromcová
  • BlueKeep patching isn’t progressing fast enough July 17, 2019
    Keeping up with BlueKeep; or how many internet-facing systems, and in which countries and industries, remain ripe for exploitation? The post BlueKeep patching isn’t progressing fast enough appeared first on WeLiveSecurity
    Tomáš Foltýn
  • How your Instagram account could have been hijacked July 16, 2019
    A researcher found that it was possible to subvert the platform’s password recovery mechanism and take control of user accounts The post How your Instagram account could have been hijacked appeared first on WeLiveSecurity
    Tomáš Foltýn
  • Week in security with Tony Anscombe July 12, 2019
    ESET researchers describe the ins and outs of a zero-day exploit that has been used for a highly targeted attack and reveal the name of the threat actor that deployed it The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
    Tomáš Foltýn
  • Cybercrime seen to be getting worse: The time to act is now July 12, 2019
    What mounting public concern about falling victim to cybercrime says about government and corporate efforts at cybercrime deterrence The post Cybercrime seen to be getting worse: The time to act is now appeared first on WeLiveSecurity
    Stephen Cobb
  • Buhtrap group uses zero‑day in latest espionage campaigns July 11, 2019
    ESET research reveals notorious crime group also conducting espionage campaigns for the past five years The post Buhtrap group uses zero‑day in latest espionage campaigns appeared first on WeLiveSecurity
    Jean-Ian Boutin
  • Windows zero‑day CVE‑2019‑1132 exploited in targeted attacks July 10, 2019
    ESET research discovers a zero-day exploit that takes advantage of a local privilege escalation vulnerability in Windows The post Windows zero‑day CVE‑2019‑1132 exploited in targeted attacks appeared first on WeLiveSecurity
    Anton Cherepanov
  • UK’s data watchdog hands out two mega‑fines for breaches July 9, 2019
    The times they have a-changed since the ICO could only slap fines worth a fraction of the current amounts The post UK’s data watchdog hands out two mega‑fines for breaches appeared first on WeLiveSecurity
    Tomáš Foltýn

RSS SANS

  • "Exploring the DevSecOps Toolchain" October 14, 2018
      The authors of the SANS Institute's DEV540 Secure DevOps & Cloud Application Security course created the Secure DevOps Toolchain poster to help security teams create a methodology for integrating security into the DevOps workflow. As you can see, the poster breaks DevOps down into 5 key phases and includes a massive list of open […]
    Eric Johnson
  • "Your Secure DevOps Questions Answered" September 13, 2018
      As SANS prepares for the 2nd Annual Secure DevOps Summit, Co-Chairs Frank Kim and Eric Johnson are tackling some of the common questions they get from security professionals who want to understand how to inject security into the DevOps pipeline, leverage leading DevOps practices, and secure DevOps technologies and cloud services. If you are […]
    Eric Johnson
  • "Continuous Opportunity - DevOps and Security" August 23, 2017
      Thank you to everyone at the Minnesota ISSA chapter for the opportunity to share some background on DevOps and some ideas about how security teams can benefit by adopting DevOps practices & tools. The presentation slides are available here: Continuous Opportunity- DevOps and Security. To learn more about DevOps and Cloud Security, check out […]
    SANS Institute
  • "2017 Application Security Survey is Live!" June 19, 2017
      Our 2016 application security survey, led by Dr. Johannes Ullrich, saw AppSec Programs continuously improving. In this year's 2017 survey led by Jim Bird, we will be looking at how AppSec is keeping up with rapidly increasing rates of change as organizations continue to adopt agile development techniques and DevOps. The survey is officially […]
    Eric Johnson
  • "Taking Control of Your Application Security" April 18, 2017
      Application security is hard. Finding the right people to perform application security work and manage the program is even harder. The application security space has twice as many job openings as candidates. Combined that with the fact that for every 200 software engineers there is only 1 security professional, how do we staff a […]
    Eric Johnson