This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

Space Weather Outlook December 25, 2016 at 11:45PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-52 2016 December 25 at 9:30 p.m. MST (2016 December 26 0430 UTC) **** SPACE WEATHER OUTLOOK **** Summary For December 19-25 G2 (Moderate) storm levels were observed on 21 Dec due to the onset of coronal hole effects. G1 (Minor) Storm levels were observed on 22 Dec as coronal hole effects persisted. Outlook For December 26-January 1 G1 (Minor) conditions are expected on 26 Dec due to coronal hole effects. No other significant space weather is expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

DDoS: The Stakes Have Changed. Have You?

The following is external content provided as a free resource for blog readers.
The findings of the latest annual Worldwide Infrastructure Security Report (WISR) by Arbor Networks® show that Distributed Denial of Service (DDoS) attacks continue to be popular with attackers, and are increasing in size, frequency and complexity.

Request Free!

Out Think Your Enemies

The following is external content provided as a free resource for blog readers.
Retail is the industry most targeted by DDoS attacks, and with 50% of organizations experiencing disruption, threats are increasing in both scale and sophistication. This requires an equally sophisticated defense system to combat the problem.

Arbor Networks®, the world’s leading provider of DDoS protection, offers you a solution portfolio to detect, validate, remediate and mitigate cyber attacks.

Request Free!

IHS Technology DDoS Prevention Appliances

The following is external content provided as a free resource for blog readers.
Download this report to learn the following:
  • Top Takeaways: DDoS prevention appliances.
  • Market background and key drivers.
  • Long-term forecast: data center deployments maintain lead, mobile passes carrier transport by 2018.
  • Manufacturers and market share analysis: Arbor Networks maintains lead.
  • Demand-side data.


Request Free!

DDoS Attack: Smoke Screen or Smoke Signal?

The following is external content provided as a free resource for blog readers.
Where there is smoke, there is fire. Businesses must recognize DDoS attacks for the data security threat that they are, instead of the simple nuisances of earlier years. In this insight, Stratecast |Frost & Sullivan details the growing threat from smoke screen DDoS attacks, and offers business leaders recommendations for properly understanding DDoS risk in a cyber security context.

Request Free!

Space Weather Outlook December 18, 2016 at 08:13PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-51 2016 December 18 at 6:01 p.m. MST (2016 December 19 0101 UTC) **** SPACE WEATHER OUTLOOK **** Summary For December 12-18 No significant space weather was observed during the summary period. Outlook For December 19-25 G1 (Minor) geomagnetic storms are likely on 21-22 December due to influences from recurrent, positive polarity CH HSSs. No other significant space weather is expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

A Prescription for Privacy

The following is external content provided as a free resource for blog readers.
Technology continues to make information more readily available to a larger group of people than ever before. Yet even as the latest technological advances bring a greater wealth of opportunities for sharing and distributing knowledge, each advance also increases the risk that sensitive data will land in the wrong hands. The more sensitive the data, the greater the risk—and few industries handle a larger volume of sensitive data than the healthcare industry.

Request Free!

Getting Ahead of the Compliance Curve

The following is external content provided as a free resource for blog readers.
Compliance is a fast-moving target, and it's getting harder to keep up. In a survey by IT Policy Compliance Group, a consortium dedicated to helping IT security professionals meet policy and compliance goals, 70 percent of all respondents reported being subject to multiple regulatory compliance mandates, as well as contractual obligations and industry standards. Meanwhile, IT budgets are getting leaner as organizations strive to increase cost efficiency in tough economic times, and the emergence of cloud-based services has increased the complexity of compliance management. Given these challenges and tight deadlines, many organizations are addressing compliance requirements in silos using a “checklist” approach.

Unfortunately, this tactical, reactive approach can lead to higher compliance costs, more audit deficiencies, greater business downtime, and increased risk of data loss. To avoid this trap and get ahead of the compliance curve, organizations need solutions that can help them take a more proactive approach and plan for — instead of reacting to — the rapidly changing compliance environment.

Request Free!

Perfect Forward Secrecy - The Next Step in Data Security

The following is external content provided as a free resource for blog readers.
That's why Symantec is continuing to innovate with Perfect Forward Secrecy—SSL certificates that feature ECC. Elliptic Curve Cryptography allows increased performance and protection with shorter key lengths to bring greater confidence to you and your customers.

Request Free!

Protecting Users From Firesheep and Sidejacking Attacks with SSL

The following is external content provided as a free resource for blog readers.
Firesheep allows an attacker connected to the local network to monitor the web sessions of other users on that network. As experts proclaimed in reaction to Firesheep, the best solution to the problem is to use TLS/SSL for all connections to web sites, including the home page. Download Protecting Users From Firesheep and other Sidejacking Attacks with SSL to learn how to avoid these attacks.

Sponsored by: Symantec Website Security Solutions

Request Free!

Protecting Your Website With Always On SSL

The following is external content provided as a free resource for blog readers.
Trust and consumer confidence is the foundation upon which the Internet has been built. Leading commerce and financial services companies worldwide have long used Secure Socket Layer and Transport Layer Security (SSL/TLS) technologies to secure customer communications and transactions.

But with the rise of Web 2.0 and social networking, people are spending more time online and logged in, and they are communicating much more than just their credit card numbers. Unfortunately, Web security practices have not always kept pace with these changes. Many organizations use the SSL/TLS protocol to encrypt the authentication process when users log in to a website, but do not encrypt subsequent pages during the user's session. This practice is risky because it leaves website visitors vulnerable to malicious online attacks, and can result in millions of users being unknowingly exposed to threats simply by visiting a trusted website.

Also included in this white paper, are detailed accounts of four organizations—Facebook, Google, PayPal and Twitter—that are leading the way with Always On SSL in a cooperative effort to make the Internet more secure.

Request Free!

Reducing the Cost and Complexity of Web Vulnerability Management

The following is external content provided as a free resource for blog readers.
In a recent study conducted by the Ponemon Institute, 90 percent of respondents indicated that they have had two or more breaches in the past 12 months, and nearly two-thirds responded that they have had multiple breaches during the same period of time. These breaches can be incredibly expensive. Studies show that the average cost per incident of a data breach in the United States is $7.2 million, with one of the largest breaches costing $35.3 million to resolve. Security lapses involving personal information can also erode consumer trust; more than half of Internet users avoid buying online because they're afraid that their financial information might be stolen. With stakes so high, organizations need to focus their security efforts to prevent these and other breaches.

Request Free!

Spoofing Server-Server Communication: How You Can Prevent It

The following is external content provided as a free resource for blog readers.
Learn how to prevent the new SSL Strip threat that could compromise your secure applications. In this must read white paper, “Spoofing Server-Server Communication: How You Can Prevent it,” written by security analyst Larry Seltzer, you will learn about the new advances in attacks that exploit weaknesses of generic SSL to compromise server-server communication and how you can help prevent it.

Request Free!

SSL for Apps Best Practices for Developers

The following is external content provided as a free resource for blog readers.
SSL is a fundamentally sound technology that provides confidentiality, authentication, and integrity. The most significant challenge facing the SSL ecosystem is not a technological flaw or limitation, but rather the way it is being implemented and the practices around it. All SSL Client non-browser applications should follow all the practices in this document to ensure the high level of authentication, confidentiality and integrity promised by SSL are achieved.

Request Free!

Frost & Sullivan Analyst Paper, 'Six Golden Rules for Selecting an SSL Certificate'

The following is external content provided as a free resource for blog readers.
The foundation of trusted Internet communications are Secure Socket Link (SSL) certificates, an encryption technology installed on Web servers that permits transmission of sensitive data through an encrypted connection. Using a Public-Key Infrastructure (PKI), SSL certificates authenticate the end-use Website and the endpoint server, making it difficult for those sites to be imitated or forged.

The acquisition of SSL certificates should always be a relatively easy experience; however, the purchasing decision should never be regarded lightly. When businesses consider SSL certificates; there six Golden Rules a purchaser should keep in mind.

At the end of the day, people want to make sure their Web sites are secured with as little friction as possible—Symantec gives businesses every opportunity to achieve that goal.

Request Free!

Web Security and the OWASP Top 10: The Big Picture

The following is external content provided as a free resource for blog readers.
Continue to learn more about web security risks we face in an easily consumable, well-structured fashion that aligns to the number one industry standard on the topic today.

Request Free!

Cyber Security Roundup with Troy Hunt

The following is external content provided as a free resource for blog readers.
Troy also takes a deep dive into what happened, how these breaches were handled publicly and what the bigger implications of these various attacks tell us about the state of security.

Request Free!

Space Weather Outlook December 11, 2016 at 07:27PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-50 2016 December 11 at 5:13 p.m. MST (2016 December 12 0013 UTC) **** SPACE WEATHER OUTLOOK **** Summary For December 5-11 G1 (Minor) geomagnetic storms were observed on 09 December due to effects from a negative polarity coronal hole high speed. No other significant space weather was observed during the summary period. Outlook For December 12-18 No siginificant space weather is expected during the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Protect Your Weakest Security Link - End Users

The following is external content provided as a free resource for blog readers.
Learn how to use technology and prevention strategies to guard against dumpster diving, spear phishing, and other tactics with:
  • Real-world prevention strategies
  • Tools to spot suspicious actions
  • Real-time behavioral malware analysis


Request Free!

6 Ways Office 365 Keeps Your Email and Business Secure

The following is external content provided as a free resource for blog readers.
Download the free eBook to see how Microsoft uses 20 years of security experience to safeguard your organization's data, including:
  • Data privacy and control.
  • Management of external threats.
  • Prevention of internal security threats.
  • Secure access across mobile devices.
  • Compliance capabilities.


Request Free!

The Current State of Email Security

The following is external content provided as a free resource for blog readers.
Companies face a constant barrage of external threats and internal risks that can cause significant harm to the business.

Download this report to learn more about:
  • Inbound email threats and the dangers they pose.
  • Outbound risks to data and compliance.
  • Choosing a cloud solution to address these risks.


Request Free!

Space Weather Outlook December 05, 2016 at 01:13AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-49 2016 December 4 at 11:02 p.m. MST (2016 December 5 0602 UTC) **** SPACE WEATHER OUTLOOK **** Summary For November 28-December 4 R1 (Minor) radio blackouts were observed on 29 November due to flare activity from active sunspot Region 2615. Outlook For December 5-11 G1 (Minor) geomagnetic storm conditions are likely on 08-09 December due to recurrent coronal hole high speed stream effects. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Mitigating Risk in a Complex Hybrid Directory Environment

The following is external content provided as a free resource for blog readers.

On-premises Active Directory (AD) implementations are common in businesses today. As organizations embrace cloud applications, such as Office 365, IT teams are finding they must implement Azure Active Directory. In most cases, organizations integrate Azure AD with their on-premises AD, which creates a hybrid directory environment. The surface attack areas of on-premise and Azure Active Directory are large, which poses serious security concerns. It is essential that IT teams secure the weakest links.



Request Free!

Mobile Device Exploitation Cookbook ($11 Value) FREE For a Limited Time

The following is external content provided as a free resource for blog readers.

What you will learn:

  • Install and configure Android SDK and ADB
  • Analyze Android Permission Model using ADB and bypass Android Lock Screen Protection
  • Set up the iOS Development Environment - Xcode and iOS Simulator
  • Create a Simple Android app and iOS app and run it in Emulator and Simulator respectively
  • Set up the Android and iOS Pentesting Environment
  • Explore mobile malware, reverse engineering, and code your own malware
  • Audit Android and iOS apps using static and dynamic analysis
  • Examine iOS App Data storage and Keychain security vulnerabilities
  • Set up the Wireless Pentesting Lab for Mobile Devices
  • Configure traffic interception with Android and intercept Traffic using Burp Suite and Wireshark
  • Attack mobile applications by playing around with traffic and SSL certificates
  • Set up the Blackberry and Windows Phone Development Environment and Simulator
  • Setting up the Blackberry and Windows Phone Pentesting Environment
  • Steal data from Blackberry and Windows phones applications

This free offer expires 12/15. 



Request Free!

Asking the Right Questions

The following is external content provided as a free resource for blog readers.
At Kaspersky Lab, our research shows that more than 90% of businesses have experienced some sort of external security threat in the past year. With numbers like that, it's imperative that you know the answers to some very important questions, such as:
  • Where are our biggest vulnerabilities?
  • Are we focusing on the most dangerous threats that we face—the ones that can do the most damage?
  • Why is a multi-layered approach so important?
Find the answers you need to know by downloading our new eBook, asking the Right Questions: Today's Threat Landscape for the Enterprise. We'll break down the statistics on the biggest threats that enterprises face and how you can defend your business.

Request Free!

The Internet of Threats

The following is external content provided as a free resource for blog readers.
With industries such as transportation, energy production and whole cities being transformed by the potential that IoT offers, security becomes an even greater concern.

Download our eBook, Internet of Threats: Security in the Growing IoT Market, to learn what you can expect from the oncoming wave of connected “things.” How will businesses respond to the concerns of consumers? Can cities keep people moving safely and efficiently? How is the automotive industry responding?

Request Free!