Posted by SecurityArchitecture on Monday, October 12, 2015
The breach highlights the general insufficiency of any corporate security program that fails to carefully consider the risk exposure represented by trusted third parties given access to or custody of sensitive information.
Posted by SecurityArchitecture on Tuesday, September 15, 2015
Regardless of how well (or poorly) the server was secured while it was operational, the steps taken to secure the data once the server was no longer in use provide a good example of what not to do.
Posted by SecurityArchitecture on Sunday, July 26, 2015
The good news for WordPress users is that there are multiple security plugins available that enhance site security, provide routine (even continuous) monitoring, and help administrators remove and repair whatever changes or damage an intrusion has caused.
Posted by SecurityArchitecture on Wednesday, March 25, 2015
On March 12, the Sourcefire team announced the release of Snort 188.8.131.52, the latest update to one of the most popular (and open source) network IDS tools. Detailed instructions for installing Snort on either Ubuntu Linux…
Posted by SecurityArchitecture on Saturday, December 27, 2014
The FedRAMP PMO rolled out a new logo and announced the addition of four cloud systems to its list of authorized service providers, bringing the total of authorized solutions to 27.
Posted by SecurityArchitecture on Friday, December 26, 2014
On December 12, the National Institute of Standards and Technology (NIST) Computer Security Division announced the final release of Special Publication 800-53A Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations. This…
Posted by SecurityArchitecture on Tuesday, November 25, 2014
In September retailer Home Depot announced a large-scale breach of customer credit-card data, affecting as many as 56 million consumers. The attack bears strong similarities to the theft of customer data Target suffered late last year,…