Security News

Encryption is vital for securing data, whether in transit or stored on devices. Algorithm requirements: ciphers that are proven, standard, highly tested and free of patent encumbrances must be used as the basis for encrypting devices and communications.

The Data Encryption Policy's purpose is to define for employees, computer users and IT department staff the encryption requirements to be used on all computer, device, desktop, laptop, server, network storage and storage area network disks, and drives that access or store organization information to prevent unauthorized access to organization communications, email, records, files, databases, application data and other material. This policy from TechRepublic Premium can be customized as needed to fit the needs of your organization.

Many computer systems, network devices and other technological hardware used in the enterprise can audit and log various activities. These activities include network traffic, internet access, creating or deleting users, adding users to groups, changing file permissions, transferring files, opening the case, powering off, deleting system logs, and anything else a user, administrator or the system itself might do.

All modern enterprises must accept the fact that at some point their systems or networks will very likely experience an unauthorized intrusion of some kind. A clear and concise plan of action will help counteract any intrusion into an enterprise network and mitigate potential damage.

Learn how a malicious driver exploits a loophole in the Windows operating system to run at kernel level. Cisco Talos discovered a new Microsoft Windows policy loophole that allows a threat actor to sign malicious kernel-mode drivers executed by the operating system.

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel-mode drivers on breached systems by exploiting a Windows policy loophole. With Windows Vista, Microsoft introduced policy changes restricting how Windows kernel-mode drivers could be loaded into the operating system, requiring developers to submit their drivers for review and sign them through Microsoft's developer portal.

A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. "Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates," Cisco Talos said in an exhaustive two-part report shared with The Hacker News.

This policy from TechRepublic Premium provides guidelines for the consistent and secure management of passwords for employees and system and service accounts. These guidelines include mandates on how passwords should be generated, used, stored and changed as well as instructions for handling password compromises.

This policy from TechRepublic Premium provides guidelines to safeguard company information, reduce business and legal risks and protect company investments and reputation. Its adjunct policy, the Network security policy, covers the systems and devices that transport and store data.

Physical security guidelines and requirements: the following guidelines should be followed in designing and enforcing access to IT assets. Access to server rooms and IT equipment rooms should be restricted to only those whose job responsibilities require that they maintain the equipment or infrastructure of the room.