CyberSecurity Institute

DNS Zone Transfer AXFR Requests May Leak Domain Information A remote unauthenticated user may request a DNS zone transfer from a public-facing DNS server. If improperly configured, the DNS server may respond with information about the requested zone, revealing internal network structure and potentially sensitive information. Link: https://www.us-cert.gov/ncas/alerts/TA15-103A   Better…

iOS 8.3 fixes dozens of security vulnerabilities Apple has issued more than three-dozen security fixes in its latest mobile operating system update, released Wednesday. Link: http://www.zdnet.com/article/ios-8-3-fixes-dozens-of-security-issues/?tag=nl.e589&s_cid=e589&ttag=e589&ftag=TREc64629f Malware-as-a-Service enabling novice threat actors to attack According to the Websense Security Labs 2015 Threat Report, MaaS (Malware-as-a-Service) is enabling even entry level threat…

Cyber War Games: Top 3 Lessons Learned About Incident Response Deloitte leads client organizations in war game exercises like these to “stress test” their incident response plans, and identify the strengths and weaknesses of their communications, protocols, and cyber disaster preparedness. • Designate a Crisis Officer • Be Skeptical About…

Cisco Launches New Advanced Malware Protection Capabilities and Incident Response Services, Giving Customers Powerful Tools for Faster Time to Detection and Resolution SAN JOSE, CA, Apr 07, 2015 (Marketwired via COMTEX) — Cisco CSCO, -0.32% today unveiled a host of new capabilities and services that give security professionals extensive intelligence…

Wyoming broadens definition of personal information in amended data breach notification law The amendment expands the definition of personal information to now include an individual’s first name or first initial and last name in combination with any of the following: (1) Social Security number, (2) driver’s license number, (3) account…

Wake up! What are you doing to battle breach fatigue? On the surface, there is a silver lining to the fatigue phenomenon: Since the public has been hammered with nonstop news about breaches, it isn’t necessarily perceived to be as severe. This can translate to a quicker recovery for a…