This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

Space Weather Outlook March 27, 2016 at 08:25PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-13 2016 March 27 at 6:11 p.m. MDT (2016 March 28 0011 UTC) **** SPACE WEATHER OUTLOOK **** Summary For March 21-27 No space weather storms were observed during the summary period. Outlook For March 28-April 3 G1 (Minor) geomagnetic storms are expected on 02 - 03 April while G2 (Moderate) geomagnetic storms are expected on 02 April in response to coronal hole high speed stream effects. No other space weather storms are predicted for the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Exploiting Web-Based Applications - FREE Video Training Course

The following is external content provided as a free resource for blog readers.
In this course, we will teach you the top exploits including Cross-site Scripting, Cross-site Request Forgery, and more! You'll get real world examples including a Netflix case study along with the mitigation techniques to prevent these attacks. Build skills you can use today and are in demand by top employers.
  • Learn how to exploit websites with 14 classes, 3 hours of content, and quizzes to test your skills
  • Identify the most vulnerable types of websites, web-based platforms, and web technologies
  • Inject malicious scripts into webpages using Cross-site-Scripting (XSS)
  • Execute Code remotely using remote and local File Inclusion
  • Use Cross-site Request Forgery (CSRF) to maliciously exploit a website where unauthorized commands are transmitted from a user that the website trusts


Request Free!

Automating Defenses Against Increasingly Sophisticated DDoS Attacks

The following is external content provided as a free resource for blog readers.
Find out about the changing landscape from volumetric to application-focused attacks, and the need for a fast and fine-grained automatic mitigation solution.

This white paper covers:
  • How DDoS attacks threaten our digital lifestyle.
  • Defenses for new application-layer attacks.
  • How DDOS attacks are getting more sophisticated.
  • How to protect against application-layer attacks.
  • How to align with SDN & NFV software trends.
DOWNLOAD NOW!

Request Free!

What's the Right Cyber Security Model for You?

The following is external content provided as a free resource for blog readers.
It reviews the current DDoS attack landscape and explains why traditional network security solutions such as firewalls, Intrusion Prevention Systems (IPS) and Web Application Firewalls (WAF) cannot stop DDoS attacks.

It then reviews and compares the three main approaches for deploying dedicated DDoS solutions --- on-premise, cloud or hybrid --- and how to stop future DDoS attacks using these approaches.

Request Free!

Second Edition DDoS Handbook: The Ultimate Guide to Everything You Need to Know About DDoS Attacks

The following is external content provided as a free resource for blog readers.
While cyber-threats are by nature a moving target, Radware's DDoS Handbook offers expert advice, actionable tools and tips to help detect and stop DDoS attacks.

Read it to understand:
  • Brief history of DDoS attacks, plus roundup of recent cyber-attacks
  • Overview of major attack categories, specific attack types and tools
  • What lies ahead: predictions for 2015 and beyond
  • Things to consider when planning for cyber-attacks
  • Protecting enterprise assets in the cloud


Request Free!

Understanding Always-On, Cloud WAF Services

The following is external content provided as a free resource for blog readers.
This accelerated change of both attack vectors and assets rapidly renders any static web security solution obsolete. Successfully accommodating for rapidly evolving web security requires a new model: continuous readiness through automatic dynamic adaption.

Radware's Cloud WAF Service is a fully-managed, always on service that integrates cloud-based with on premise protection against a broad range of attack vectors.

Read this white paper to learn how this cloud-based WAF service addresses today's most challenging web-based cyber-attacks.

Request Free!

Space Weather Outlook March 20, 2016 at 08:22PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-12 2016 March 20 at 6:09 p.m. MDT (2016 March 21 0009 UTC) **** SPACE WEATHER OUTLOOK **** Summary For March 14-20 G1 (Minor) geomagnetic storms were observed on 14 - 17 March in response to coronal hole high speed stream effects. No other space weather storms were observed. Outlook For March 21-27 No space weather storms are predicted for the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

The Forrester Total Economic Impact of Microsoft Office 365 Report

The following is external content provided as a free resource for blog readers.
In an objective study commissioned by Microsoft, Forrester Consulting investigated the Total Economic Impact™ for small to medium sized businesses, with 1 to 250 employees, using Office 365. The study revealed a sizeable return on investment.

Discover these findings and more when you download the free report:
  • Improved Business Continuity. How enhanced business continuity led to an avoidance in lost billable hours of $15,000, annually.
  • Increased mobile worker productivity. How an investment in mobility saved 45 hours per year per worker.
  • Lowered Security, Risk, and Compliance Costs. How an organization went from 15 data breaches per year to 1, resulting in $1,400 in annual savings.


Request Free!

The Small Business Cloud Outlook

The following is external content provided as a free resource for blog readers.
Small to mid-sized businesses today face a tough task; providing helpful collaboration tools that big businesses offer, without the large costs.

Microsoft commissioned Spiceworks, a network of IT pros, to survey over 250 IT experts working at small to mid-sized businesses to tell us how to do more with less.

Learn more in the free eBook and propel your small business into the cloud:
  • Costs - Provide better tools to increase availability, productivity, and security while keeping costs down.
  • Scale - Take advantage of self-servicing and discover the ability to quickly scale your business.
  • Mobility - Make accessing information on the go easier for your mobile workforce.


Request Free!

Space Weather Outlook March 14, 2016 at 01:09AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-11 2016 March 13 at 10:43 p.m. MDT (2016 March 14 0443 UTC) **** SPACE WEATHER OUTLOOK **** Summary For March 7-13 G1 (Minor) geomagnetic storms were observed on 07 March and G2 (Moderate) geomagnetic storms were observed on 11 March in response to coronal hole effects. No other space weather storms were observed. Outlook For March 14-20 G1 (Minor) geomagnetic storms are expected on 15 and 16 March due to coronal hole effects. No other space weather storms are predicted for the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

5 Things You Need to Know about Security and UC

The following is external content provided as a free resource for blog readers.
From calculating ROI to negotiating contracts and anticipating changes in infrastructure, there are a multitude of factors to consider when making the transition to a new communication service. Yet while financial and infrastructure considerations are usually paramount when deploying new communication technology, data security is often overlooked. This whitepaper provides five steps to educate yourself on common pitfalls and challenges along with critical questions to ask your UC vendors.

Request Free!

Anatomy of a Hack Disrupted

The following is external content provided as a free resource for blog readers.
Every year, organizations spend millions trying to reverse the damage that occurred from malware attacks. And it seems that the malware threat is becoming more challenging to respond to every year. So what is the best way to identify and respond to a malware attack?

Download the “Anatomy of a Hack Disrupted: How One SIEM's Out-of-the-Box Rules Caught an Intrusion and Beyond” white paper to see how one organization used LogRhythm to isolate, identify and disrupt a potentially damaging malware attack.

Written by Randy Franklin Smith, this paper walks step-by-step through the details of how LogRhythm's AI Engine alerted the organization with a default, out-of-the-box rule and what the subsequent actions were in thwarting the attack.

Request Free!

A Proven Security Intelligence Model for Combating Cyber Threats

The following is external content provided as a free resource for blog readers.
IT environments have become much more vulnerable as enterprise mobility, cloud services and “bring-your-own-everything” have broken down the defensible perimeter and added layers of complexity to securing the enterprise.

Attempting to prevent attacks is still important, but organizations must acknowledge that attacks that are stealthy by nature can be crafted to get past the preventive measures.

LogRhthym's goal is to ensure that enterprises have a partner able to provide the integrated technology building blocks, and associated services, to most effectively and efficiently realize their Security Intelligence objectives so they can best protect themselves from damaging cyber threats. Download this FREE white paper to learn more about this proven security intelligence model for combating cyber threats.

Request Free!

SC Mag Cyberthreat Intelligence eBook

The following is external content provided as a free resource for blog readers.
Cyberthreat Intelligence (CTI) is fast becoming one of the key security resources for CISOs and security teams, but it's not just enterprises benefiting from CTI; small to midsize businesses are finding value in CTI as well. In this eBook, we'll learn from experts on the topic including: Ed Bellis, founder and CTO of Kenna Security; Bob Gourley, co-founder and partner of Cognito; Andrew Hay, CISO of Data Gravity; John Pescatore, director of emerging security trends at SANS Institute; and Michael Orosz, director of the Decisions Systems Group, Information Sciences Institute Viterbi School of Engineering, University of Southern California.

Request Free!

CyberEdge Group 2016 Cyberthreat Defense Report

The following is external content provided as a free resource for blog readers.
Information security researcher, CyberEdge published the 2016 Cyberthreat Defense Report, providing a 360-degree view of organizations' security threats, response plans, processes and investments.

Report highlights:
  • 76% of respondents' network were breached in 2015
  • 62% believe a successful attack is likely in 2016
  • Malware and spear phishing are causing the most headaches
  • The quantity of organizations with active BYOD deployments is falling
  • Low security awareness among employees is the greatest inhibitor
Download the report to learn more about what IT security teams are doing to defend against the never-ending evolution of cyberthreats.

Request Free!

Critical Capabilities for Security Information and Event Management

The following is external content provided as a free resource for blog readers.
Security information and event management technologies vary widely in their focus and functionalities, with vendors offering divergent security monitoring visions. This research will help IT security managers choose the best SIEM solution for their business.

Request Free!

What's New in the Windows 10 Security Log

The following is external content provided as a free resource for blog readers.
Among the countless changes in Windows 10 Microsoft has provided IT organizations more visibility into auditable actions on Windows 10 machines and the resulting events in the Security Log. Understanding these enhancements is important because we need every edge we can get to detect endpoint intrusions.

This white paper will help educate you on specific changes, what new detail is provided, and how to leverage these new events to identify malicious activity.

Request Free!

Space Weather Outlook March 07, 2016 at 01:00AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #16-10 2016 March 6 at 10:44 p.m. MST (2016 March 7 0544 UTC) **** SPACE WEATHER OUTLOOK **** Summary For February 29-March 6 G3 (Strong) geomagnetic storms were observed on 06 March in response to coronal hole effects. No other space weather storms were observed. Outlook For March 7-13 G2 (Moderate) geomagnetic storms are expected on 07 March due to coronal hole effects. No other space weather storms are predicted for the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

The Cutting Edge Managed Security Solution - The CyberDNA Difference

The following is external content provided as a free resource for blog readers.

The CyberDNA  Network  Security  Monitoring Service  aims  to reduce the  overall cyber  risk to  an  organization by proactively monitoring the  customer’s network for signs  of anomalous activity  that  could  be  indicative of active  compromise, misconfigurations, or other notable security  risks.   In short,  it helps  your  team reduce the  average time  to  incident detection from years  and  months down  to minutes and  hours, thus reducing breach impact and  incident response costs.



Request Free!

Implementing SSL/TLS Using Cryptography and PKI (FREE for a limited time!) Valued at $39.99

The following is external content provided as a free resource for blog readers.
If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more.

Coverage includes:
  • Understanding Internet Security
  • Protecting against Eavesdroppers with Symmetric Cryptography
  • Secure Key Exchange over an Insecure Medium with Public Key Cryptography
  • Authenticating Communications Using Digital Signatures
  • Creating a Network of Trust Using X.509 Certificates
  • A Usable, Secure Communications Protocol: Client-Side TLS
  • Adding Server-Side TLS 1.0 Support
  • Advanced SSL Topics
  • Adding TLS 1.2 Support to Your TLS Library
  • Other Applications of SSL
  • A Binary Representation of Integers: A Primer
  • Installing TCPDump and OpenSSL
  • Understanding the Pitfalls of SSLv2
Set up and launch a working implementation of SSL today with this practical guide.

Request Free!

Windows Malware Analysis Essentials (Valued at $39.99) FREE!

The following is external content provided as a free resource for blog readers.

We will start with the basics of computing fundamentals such as number systems and Boolean algebra. Further, you'll learn about x86 assembly programming and its integration with high level languages such as C++.You'll understand how to decipher disassembly code obtained from the compiled source code and map it back to its original design goals.

By delving into end to end analysis with real-world malware samples to solidify your understanding, you'll sharpen your technique of handling destructive malware binaries and vector mechanisms. You will also be encouraged to consider analysis lab safety measures so that there is no infection in the process.

Finally, we'll have a rounded tour of various emulations, sandboxing, and debugging options so that you know what is at your disposal when you need a specific kind of weapon in order to nullify the malware.



Request Free!

2016 Security Essentials - The Ultimate Defense Kit (a $39.99 value!)

The following is external content provided as a free resource for blog readers.
By delving into end to end analysis with real-world malware samples to solidify your understanding, you'll sharpen your technique of handling destructive malware binaries and vector mechanisms. You will also be encouraged to consider analysis lab safety measures so that there is no infection in the process.

Use this knowledge to protect yourself and your business, today!

The following kit contents will help you continue your research on Security:

Request Free!