Category Archives: Editor’s Choice

Dealing with a system launch: It requires more than just testing

Rolling out new IT systems or software can be a challenge and fraught with issues from day one – and the recent IT crisis with TSB has shown how damaging these can be if managed poorly. A lack of pre-launch tests has been raised as a potential cause of immediate failures, but it would be simplistic to suggest that this would completely eliminate the problems that companies encounter following a system launch. A successful launch … More

The post Dealing with a system launch: It requires more than just testing appeared first on Help Net Security.

How hackers exploit critical infrastructure

The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, that malicious hacking activity would be increasingly targeted in this direction. It also stands to reason that the salient aspects of hacking – namely, remote access, … More

The post How hackers exploit critical infrastructure appeared first on Help Net Security.

Do you have what it takes to become a Chief Scientist in the infosec industry?

Igor Baikalov, Chief Scientist at security analytics firm Securonix, is a trained scientist: he spent over 16 year working on various aspects of Structural Biology, developing new methods for determining the structure of basic building blocks of life: proteins, DNA, and their interactions. “A lot of this work had to do with processing and interpreting massive amounts of data and writing tons of code to do that – something I realized I was pretty good … More

The post Do you have what it takes to become a Chief Scientist in the infosec industry? appeared first on Help Net Security.

How to use the cloud to improve your technology training

Anyone who has tried to hire an IT expert knows that the shortage of qualified people is real. We’re not just talking about IT security jobs, either. Almost every area of tech faces a skills shortage that threatens to sap productivity and presents challenges to IT departments of all sizes. Informal on-the-job training has been the norm for most IT teams. However, the rise of cyberthreats and the pace at which they arise leaves companies … More

The post How to use the cloud to improve your technology training appeared first on Help Net Security.

Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities

A new venture fund that will focus on providing capital, strategy, critical resources and unique insights to early-stage cybersecurity companies in Silicon Valley has been officially launched last month. Headed by security technologist Dr. Chenxi Wang and with Amena Zhang, a VC with a strong track record of funding successful startups in Asia, as operating partner, Rain Capital has one other goal in mind: to boost funding to companies led by women and minorities. “Two … More

The post Rain Capital: Venture fund seeks to back cybersecurity companies led by women and minorities appeared first on Help Net Security.

Zero login: Fixing the flaws in authentication

Passwords, birth certificates, national insurance numbers and passports – as well as the various other means of authentication, that we have relied upon for the past century or more to prove who we are to others – can no longer be trusted in today’s digital age. That’s because the mishandling of these types of personally identifiable information (PII) documents from birth, along with a string of major digital data breaches that have taken place in … More

The post Zero login: Fixing the flaws in authentication appeared first on Help Net Security.

Review: The Absolute Platform with Persistence Technology

Absolute is a long-time player in the endpoint security arena, specializing in endpoint visibility and control. Regarded as an industry leader in IT asset management for more than two decades, Absolute recently revamped its solution to leverage its patented Persistence technology. The Software-as-a-Service platform is made possible through innovative endpoint technology and go-to-market partnerships with more than 25 original equipment manufacturers (OEMs) and top PC vendors. Absolute’s patented technology is built into the firmware of … More

The post Review: The Absolute Platform with Persistence Technology appeared first on Help Net Security.

Magecart presents an unprecedented threat: Here’s what you can do

Recently we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit card skimming operation that impacted over 800 ecommerce sites around the world. On the surface, even an attack of this size isn’t necessarily out of the norm in today’s threat landscape of highly sophisticated actors. However, if we consider the true impact of this event it … More

The post Magecart presents an unprecedented threat: Here’s what you can do appeared first on Help Net Security.

Chrome users get Site Isolation by default to ward off Spectre attacks

Site Isolation, the optional security feature added to Chrome 63 late last year to serve as protection against Spectre information disclosure attacks, has been enabled by default for all desktop Chrome users who upgraded to Chrome 67. How Site Isolation mitigates risk of Spectre attacks “In January, Google Project Zero disclosed a set of speculative execution side-channel attacks that became publicly known as Spectre and Meltdown. An additional variant of Spectre was disclosed in May. … More

The post Chrome users get Site Isolation by default to ward off Spectre attacks appeared first on Help Net Security.

An overview of the OT/ICS landscape for cyber professionals

Most cyber security professionals take for granted the information technology or IT nature of their work. That is, when designing cyber protections for some target infrastructure, it is generally presumed that protections are required for software running on computers and networks. The question of whether some system is digital or even computerized would seem to have been last relevant to ask in 1970. We all presume that everything is software on CPUs. The problem is … More

The post An overview of the OT/ICS landscape for cyber professionals appeared first on Help Net Security.