The Top 10 State of Security Articles of 2017


With 2017 drawing to a close, we wanted to give our readers an overview of some of the most captivating, educational, and standout blogs from the year to help fill the time between Christmas and the New Year.

My favourite State of Security blogs from 2017

Pentest Toolbox Additions 2017

It's becoming a yearly tradition, but one our readers and I love! Carrie Roberts takes us through some of the tools she has found useful in the past year. The blog covers tools such as the Domain Password Audit Tool (DPAT), Powermeta by Beau Bullock, and much more!

Read all about Carrie Roberts' pentesting toolbox additions here.

How a Smart Coffee Machine Infected a PLC Monitoring System with Ransomware

Back in June, a chemical engineer on Reddit received an alert when a programmable logic controller (PLC) monitoring system started acting up. Here's the tale of how a ransomware infection spread from a mill's smart coffee machine to its PLC monitoring system.

To read this news story from David Bisson, click here.

Could Containers Save The Day? 10 Things to Consider when Securing Docker

We're all aware of the Equifax breach that affected 143 million customer records. Equifax reported that Apache Struts vulnerability CVE-2017-5638 was used by the attackers. Equifax was not running its vulnerable Struts application in a container. But what if it had been? Containers are more secure, so this whole situation could have been avoided, right?

Read all about how containers could have potentially saved the day for Equifax in this great blog from Ben Layer.

VERT Threat Alert: Return of Bleichenbacher's Oracle Threat (ROBOT)

On December 12th this year, a team of researchers including Tripwire VERT's Craig Young announced that TLS stacks from at least 8 different vendors are vulnerable to a well-known 19-year-old protocol flaw called ROBOT.

To learn more about this classic Bleichenbacher attack on RSA, read this blog from Craig Young.

Inmates hid self-built PCs in the ceiling and connected them to prison network

This fascinating story by Graham Cluley left our readers flabbergasted! Ohio Inspector General's Office published a report revealing that two prison inmates were able to hide their own self-built PCs in the ceiling of a training room *and* connect them to the Marion Correctional Institution's network.

Read the story on how the two inmates built their PCs and how staff eventually found out about this ingenious plan.

NIST SP 800-171 Deadline at End of 2017 – Is Your Organization Ready?

The deadline to comply or to report delays in compliance with the NIST Special Publication 800-171 has been set for 12/31/17. David Henderson breaks down the key elements of the special publication by focusing on the background of the program, who is affected, and what the requirements are.

If you are not sure if you are affected, read this informative piece on NIST SP 800-171.

Blockchain 101: How This Emerging Technology Works

The big craze in 2017 has certainly been around cryptocurrency. We've seen a large rise in the value of Bitcoin, but how many people know about the algorithm and data structure behind it, blockchain?

Bev Robb dives into the topic of blockchain and discusses whether it can be good for security moving forward.

12 Indispensable DevOps Tools for 2017

DevOps is revolutionizing the way organizations deliver apps to the market. It blends software development and information technology operations, or the processes and services used by IT staff, as well as their internal and external clients to fulfill their business duties.

David Bisson gathers 12 indispensable tools from the DevOps world and creates this fabulous list. Enjoy!

There Is No Cyber Talent Crunch; You're Just Hiring Wrong

The skills gap. Is there one or not? We see so many conflicting reports, but it's never clear why or if there is actually a HUGE skills gap in the information security community at all. Robert Walker of PCPursuit draws on his own personal experiences and puts together an extremely thought-provoking blog on the issue.

Take a look at what Robert thinks are the driving forces behind the "cyber talent crunch" here.

10 Must-Read Books for Information Security Professionals

With Christmas out of the way, I suspect some of you got vouchers for your favorite online book store. To help you make a decision on which book to purchase, you have to read this article! We asked some folks within the information security industry to share their favorite books that changed the way they think about information security.

Here's what they had to say.

I hope you enjoyed reading through that list of blogs, and we look forward to you stopping by in 2018!

To stay up to date with all the latest news, please sign up to our daily security news digest here.

Happy New Year!
