Category: Operations Security

Operations Security, Security

The real reason you’re failing at PCI DSS compliance

December 8, 2017

Via: CIO

For nine years, Verizon has released its annual Payment Security Report about the state of Payment Card Industry Data Security Standard (PCI DSS) compliance. For nine years, the pattern has remained the same: Many companies don’t comply with the standard, […]

Operations Security, Security

macOS High Sierra 10.13.2 is here with enterprise and security updates

December 7, 2017

Via: ArsTechnica

Rounding out several days of OS updates that included iOS 11.2, tvOS 11.2, and watchOS 4.2, Apple today rolled out macOS High Sierra 10.13.2 for supported Macs. You can download the update now from the Mac App Store. The update […]

Operations Security, Security

Apple releases a macOS security update to fix huge login security flaw

November 29, 2017

Via: Tech Crunch

Apple has just released a security update for macOS High Sierra and you should update right now (Apple will automatically push the security patch later today). This update fixes yesterday’s very concerning vulnerability that let anyone log into your Mac […]

Operations Security, Security

Delayed Security Clearance Reforms Could Increase Costs for Agencies

November 23, 2017

Via: Government Executive

Intelligence officials are still far behind in perfecting a system to continuously evaluate security clearance holders by scanning public records rather than relying on rigorous re-clearance investigations every five or 10 years, a congressional watchdog found. In October 2016, the […]

Networking Security, Operations Security, Security

Intel: We’ve found severe bugs in secretive Management Engine, affecting millions

November 21, 2017

Via: ZDnet

Thanks to an investigation by third-party researchers into Intel’s hidden firmware in certain chips, Intel decided to audit its firmware and on Monday confirmed it had found 11 severe bugs that affect millions of computers and servers. The flaws affect […]

Operations Security, Security

GitHub to devs: Now you’ll get security alerts on flaws in popular software libraries

November 17, 2017

Via: ZDnet

Development platform GitHub has launched a new service that searches project dependencies in JavaScript and Ruby for known vulnerabilities and then alerts project owners if it finds any. The new service aims to help developers update project dependencies as soon […]

Operations Security, Security

NASA spent $1.4 billion on IT, but governance and security issues remain

November 16, 2017

Via: ZDnet

NASA spent $1.4 billion, or 7.6 percent of its $18.5 billion budget, on information technology, but continues to struggle with security and governance, according to the space agency’s annual report. The report highlights how NASA has struggled with managing its […]

Operations Security, Security

The Growing Threat of Cryptocurrency Mining Malware

November 15, 2017

Via: Fortune

It takes a lot of computing power to “mine” a bitcoin or other digital currency coin. The giant mining operations of Asia stack thousands of computers in dimly lit factory buildings powered by cheap electricity from coal-fed generating plants. Bitmain’s […]

Operations Security, Security

OPM still plagued by cyber weaknesses, IG finds

November 9, 2017

Via: FCW

Nearly two-and-a-half years since OPM suffered a data breach that exposed the records of over 20 million federal employees and contractors, the agency still has a long way to go when it comes to managing security and meeting key requirements, […]

Operations Security, Security

Hacking the vote: Threats keep changing, but election IT sadly stays the same

November 7, 2017

Via: ArsTechnica

The outcome of the 2016 presidential election is history. But allegations of voter fraud, election interference by foreign governments, and intrusions into state electoral agencies’ systems have since cast a pall over the system that determines who makes the laws […]