Hacker Group Exploits “Hot Patching” In Windows To Cloak Cyberespionage

A cyberespionage group is using an advanced persistent threat technique that exploits an obscure Windows OS feature known as “hot patching” to cloak backdoors they have created in targeted systems and networks of government agencies and telecommunications companies in Asia and Southeast Asia, according to Microsoft. The group, called Platinum by Microsoft researchers, has gained … Continue reading Hacker Group Exploits “Hot Patching” In Windows To Cloak Cyberespionage

4 Tips For Planning An Effective Security Budget

Where does the information security budget reside and who owns it? That’s an ongoing debate as organizations allocate resources to protect critical assets in a dynamically changing technology and threat environment. In many organizations, chief information security officers report to the chief information officer, because security operations and budgets are part of the IT department. … Continue reading 4 Tips For Planning An Effective Security Budget

NextGov Weekly Tech Column: NASA working to save Earth from Deadly Meteor Strikes

This week in John Breeden’s NextGov column, he writes about an unlikely NASA presentation that happened at a riotous sci-fi party in Reykjavik, Iceland. It turns out that all those worries about asteroids hitting Earth and killing everyone should soon be a thing of the past as NASA works to complete a new planetary defense platform by 2025.

Living in the real world

The IRS is preparing for a digital future as if the Real World had already disappeared. It’s no surprise that the agency’s taxpayer service has gone to hell. IRS managers and their congressional overseers have to acknowledge that the Internet is not now—and probably never will be—the answer to everything.

Tenable Network Security: Aligning IT with Government Agency Missions to Reduce Shadow IT

Lack of communication between IT departments and those responsible for executing agency mission can lead to the creation of shadow IT—unauthorized and often unmanaged applications that can introduce vulnerabilities. This is something that SecurityCenter Continuous View™ (CV) can help you identify, understand and manage.