OpenVAS Terms to Know

June 25, 2018 Kellep Charles 0

OpenVAS Terms to Know Host A Host is a single system that is connected to a computer network and that may be scanned. One or many hosts form the basis of a scan target. A […]

A World of Vulnerabilities – InfoSec Institute

June 12, 2013 SecurityOrb_Staff 0

Every day, we read about cyber-attacks and data breaches, incidents that represent in many cases a disaster for private companies and governments. Technology plays a significant role in our lives; every component that surrounds us runs a piece of software that could be affected by flaws and exploited by those with ill intentions. […]

‘NetTraveler’ Cyberespionage Campaign Uncovered

June 5, 2013 fdesir 0

An intrstuing  article from Dark Reading: A less sophisticated but long-running cyberspying program out of China aimed at high-profile targets in government, embassies, oil and gas, military contractors, activists, and universities has infected hundreds of […]

3 Lessons From Layered Defense’s Missed Attacks

May 29, 2013 fdesir 0

a posting from Dark Reading in there  Vulnerability Management section: Layering security measures typically protects systems better: Research) by three University of Michigan graduate students in 2008, for example, found that using multiple antivirus engines result in […]

Twitter testing a two-step security solution: report

April 24, 2013 fdesir 0

An posting from NBC News in there technology  section:  On Tuesday, Associated Press became the latest national media outlet to have its Twitter account compromised by hackers, leading security experts to question why the short-messaging service has […]

The Federal System’s Need for a Security Assessment Process, Part 2: Categories of Security Assessments

March 20, 2012 admin 0

Security assessments can fall into many categories and an organization’s core competency often dictates which ones management is more interested in conducting. For example, an organization that has an external presence may be very interested in how they appear to the outside world and how well they are protecting their internal resources from external entities trying to harm them. Whereas, another governmental institution maybe more concerned with their internal security posture and controls as compared to how they appear to the outside world. They may have a pressing need to verify internal access control, password compliance and proper network segmentation as opposed to what protocols are accessible from the public network. The actual type of assessment performed usually depends on the organization’s mission as well as their overall security need. […]

1 2