CERT-In and Its Role in Securing India’s Cyber Space

CERT (Computer Emergency Response Team) is a team that consists of information security experts who are responsible for providing protection against cyber security threats. In addition to this, the team of experts is also given the responsibility of de… Continue reading CERT-In and Its Role in Securing India’s Cyber Space

The Business Value of the Social-Engineer Phishing Service

Phishing attacks continue to plague organizations across the globe with great success, but why? Cybercriminals are targeting the human element of organizations.  Additionally, they are developing techniques to use an…
The post The Business Value of t… Continue reading The Business Value of the Social-Engineer Phishing Service

Looking for VAPT in India? This is What You Should Know

VAPT – as you know – is an acronym for Vulnerability Assessment and Penetration Testing, which is defined as a process to identify security risks and vulnerabilities in a web system or network. You might be seeking to pentest your application & net… Continue reading Looking for VAPT in India? This is What You Should Know

Online testing firm agrees to security audit after inquiry from senator

A company whose software has been widely used to administer law school entrance exams during the coronavirus pandemic has agreed to an independent audit of the software after a U.S. senator raised cybersecurity concerns about the product. Alabama-based ProctorU’s web-browser extension software has allowed people across the U.S. to take the LSAT exam from home during the pandemic. But Sen. Ron Wyden, D-Ore., worried that that same accessibility, if left unsecured, could give cybercriminals a foothold onto test-takers’ devices. And so, after inquiries from Wyden, ProctorU has hired outside security experts to review its software and the tool it uses for remote troubleshooting, according to the Law School Admissions Council (LSAC), which administers the LSAT. More than 145,000 LSAT exams were administered online from May 2020 to February 2021, and ProctorU appears to be the main contractor for doing so. It’s another case of privacy and security risks emerging in […]

The post Online testing firm agrees to security audit after inquiry from senator appeared first on CyberScoop.

Continue reading Online testing firm agrees to security audit after inquiry from senator

How to Update Your Remote Access Policy – And Why You Should Now

Reducing the risks of remote work starts with updating the access policies of yesterday. Continue reading How to Update Your Remote Access Policy – And Why You Should Now

5 Security Holes Most Often Revealed via Cybersecurity Asset Management

Although it may not get the buzz like AI, machine learning, zero-day or deception technologies, asset management is foundational to cybersecurity. Look behind many of the breaches and you’ll find a single, unsecured point of access and/or a single per… Continue reading 5 Security Holes Most Often Revealed via Cybersecurity Asset Management

IBM Launches Security Assessment Service Focused on Business Risk

IBM Security this week launched a service through which it will work with IT security professionals to assess the business risks cybersecurity vulnerabilities represent. Julian Meyrick, vice president for IBM Security, said the Risk Quantification Ser… Continue reading IBM Launches Security Assessment Service Focused on Business Risk

The Interior Department OIG clearly had some fun hacking the agency’s Wi-Fi networks

While multibillion-dollar companies hire expensive outside experts to conduct elaborate mock-raids on their networks, federal agencies tend to rely on their inspectors general for that. But a new report from the Department of Interior’s watchdog would make any crack team of corporate security-testers proud. To test the hundreds of wireless security networks at the DOI, inspector general (IG) investigators surreptitiously used cheap hacking tools from publicly accessible areas to intercept and decrypt communications in multiple bureaus at the sprawling department. They found systematic weakness in the department’s security that a malicious hacker could have exploited to steal data. “The department’s failure to securely configure wireless networks has put its wireless and internal networks at high risk of compromise,” IG investigators said in a report published Wednesday. The IG’s mock attacks — which weren’t noticed by either physical security guards or IT staff — were “highly successful,” the watchdog said. In one instance, […]

The post The Interior Department OIG clearly had some fun hacking the agency’s Wi-Fi networks appeared first on CyberScoop.

Continue reading The Interior Department OIG clearly had some fun hacking the agency’s Wi-Fi networks

The Value of Cybersecurity Ratings for CFOs

Security ratings may not be as well-known outside the security world, but in a nutshell, they evaluate an organization’s cybersecurity risk using data-driven metrics that provide visibility into an organization’s security posture. They also provide va… Continue reading The Value of Cybersecurity Ratings for CFOs

Improve controls on classified information, inspector general tells U.S. intelligence community

The federal government should do more to protect its most sensitive information from potentially being deleted or leaked by insiders, according to a new report from the intelligence community inspector general (ICIG). The Office of the Director of National Intelligence (ODNI) must “improve controls to efficiently and effectively manage and mitigate the risk that a trusted privileged user could inappropriately access, modify, destroy, or exfiltrate classified data,” the intelligence community inspector general, Michael Atkinson, writes in the report. The potential for trouble extends even to classified information that is restricted to a trusted few at the ODNI, the report says. The ICIG’s specific recommendations about how to address the issue, of course, are classified. The semiannual report, released Tuesday, details a number of ongoing intelligence community programs and audits meant to boost the cybersecurity of the ODNI and the intelligence community writ large, among them projects on overhauling the security clearance process and efforts […]

The post Improve controls on classified information, inspector general tells U.S. intelligence community appeared first on CyberScoop.

Continue reading Improve controls on classified information, inspector general tells U.S. intelligence community