cert – Page 2 – WindowsTechs.com

Randall Trzeciak, CERT – Enterprise Security Weekly #125

Posted on February 7, 2019 by Security Weekly Productions

Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute! Randall will be speaking at InfoSec World 2019 about “An Effective Insider Threat Program” on Saturda… Continue reading Randall Trzeciak, CERT – Enterprise Security Weekly #125→

Eyal Neemany, Javelin Networks – Paul’s Security Weekly #582

Posted on November 10, 2018 by Security Weekly Productions

Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks. Eyal will be discussing securing remote administration, remote credentials, explains that Jump Servers aren’t as good, and show you have to con… Continue reading Eyal Neemany, Javelin Networks – Paul’s Security Weekly #582→

Phishing is still the most commonly used attack on organizations, survey says

Posted on October 23, 2018 by Lisa Vaas

The survey found that the majority of cyberattacks – 75% – came from outsiders, while 25% were due to insiders. Continue reading Phishing is still the most commonly used attack on organizations, survey says→

The Vulnerability Disclosure Process: Still Broken

Posted on September 5, 2018 by Tom Spring

Despite the advent to bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits. Continue reading The Vulnerability Disclosure Process: Still Broken→

Bypassing Two-Factor Authentication – Paul’s Security Weekly #539

Posted on December 10, 2017 by Paul Asadoorian

Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks. Eyal Neemany talks about bypassing two-factor authentication on Active Directory. Full Show Notes Subscribe to YouTube Channel
The post Bypassin… Continue reading Bypassing Two-Factor Authentication – Paul’s Security Weekly #539→

What You Should Know About the ‘KRACK’ WiFi Security Weakness

Posted on October 16, 2017 by BrianKrebs

Researchers this week published information about a newfound, serious weakness in WPA2 — the security standard that protects all modern Wi-Fi networks. What follows is a short rundown on what exactly is at stake here, who’s most at-risk from this vulnerability, and what organizations and individuals can do about it. Continue reading What You Should Know About the ‘KRACK’ WiFi Security Weakness→

This one matters, too: Carnegie Mellon issues guide to disclosing software vulnerabilities responsibly

Posted on August 16, 2017 by Shaun Waterman

Over the past year or so, there’s been an explosion of interest in vulnerability disclosure policy — the question of what to do about flaws in software found by security researchers that should be patched lest they get used by hackers to break into computer systems. Both the Defense Department and the General Services Administration have launched bug bounty programs to reward researchers who responsibly report security flaws they find, and the National Telecommunications and Information Administration’s multistakeholder process published a guide to coordinated vulnerability disclosure, or CVD. Even the Justice Department has gotten in on the act — putting out a set of legal guidelines for companies and other organizations interested in establishing a vulnerability reporting and fixing process. So you would think the publication of yet another set of guidance would be anti-climatic and might even be ignored. But you’d be wrong. The prestigious Software Engineering Institute at Carnegie Mellon University […]

The post This one matters, too: Carnegie Mellon issues guide to disclosing software vulnerabilities responsibly appeared first on Cyberscoop.

Continue reading This one matters, too: Carnegie Mellon issues guide to disclosing software vulnerabilities responsibly→

Bobbie Stempfley will lead Carnegie Mellon CERT

Posted on June 14, 2017 by Michael Bergin

Veteran federal IT official Roberta G. “Bobbie” Stempfley will take over the Carnegie Mellon University Software Engineering Institute’s CERT Division, the oldest Computer Emergency Response Team in the world, SEI announced this week. “From my positions in government, I have come to know and respect the work done by the talented cybersecurity professionals at the SEI’s CERT Division,” said Stempfley in a release. “It is now my honor to lead this division, which, for nearly 30 years, has been at the forefront of our nation’s cyber defense. I look forward to working with this team.” Before coming to CERT, Stempfley was director of cyber strategy implementation at non-profit government technology contractor the MITRE Corp. She previously served as deputy assistant secretary and acting assistant secretary in the Office of Cyber Security and Communications for the Department of Homeland Security. Prior to that, Stempfley worked at the Pentagon as CIO of the Defense Information Systems Agency […]

The post Bobbie Stempfley will lead Carnegie Mellon CERT appeared first on Cyberscoop.

Continue reading Bobbie Stempfley will lead Carnegie Mellon CERT→

Netgear Routers Remain Exposed to Critical Flaw

Posted on December 12, 2016 by Michael Mimoso

Netgear has confirmed a critical vulnerability in its Nighthawk routers that expose devices to command injection attacks. A public exploit is available. Continue reading Netgear Routers Remain Exposed to Critical Flaw→