A whitepaper published by the European network and Information Security Agency (ENISA) gives an overview of the legal aspects of cyber security in the European Union (EU). Although, the majority of data breaches do normally make it to the press but there are many breaches which remain either undetected or not reported. EU considers effective legislation is key here and it engaged all Member States to transpose the relevant EU directive into national laws that obliges providers of public communication networks and services to report security incidents to national authorities. Download ENISA's whitepaper from here – https://www.enisa.europa.eu/activities/Resilience-and-CIIP/Incidents-reporting/cyber-incident-reporting-in-the-eu/at_download/fullReport
Threat modeling can help organizations minimize the potential cost and need to rework code while in development or in post-production support. To help make threat modeling a little easier, Microsoft offers a free SDL Threat Modeling Tool that enables non-security subject matter experts to create and analyze threat models by communicating about the security design of their systems, analyzing those designs for potential security issues using a proven methodology and suggesting and managing mitigations for security issues. Read more here - http://blogs.technet.com/b/security/archive/2012/08/23/microsoft-s-free-security-tools-threat-modeling.aspx?Redirected=true
Microsoft Script Explorer for Windows PowerShell (Release Candidate) helps scripters find Windows PowerShell scripts, snippets, modules, and how-to guidance in online repositories such as the TechNet Script Center Repository, PoshCode, local or network file systems and Bing Search Repository. Read more and download the setup file from here - http://www.microsoft.com/en-us/download/details.aspx?id=29101
Attend Amazon's AWS re: Invent this November, the No.1 event for the AWS Cloud community. It is the event of the cloud computing developers, hottest start-ups, and visionary technology leaders. The event includes topics that will make you a Cloud expert in: monitoring cloud resources, optimizing performance, managing security, and cutting costs. Plus you can meet with Amazon's AWS engineers and product teams that built your favorite services: EC2, S3, RDS, Dynamo, etc. Register and get more details here – https://reinvent.awsevents.com/?lc=EM_E2_IA_B Read more about Cloud Computing here - http://www.itinfomag.com/category/cloud-computing/
According to Microsoft's Tim Rains, drive-by download attacks continue to be a favorite tactic used by many attackers attempting to compromise large numbers of systems around the world. In his MS Security blog, Tim discusses drive-by download attacks and the need to keep all software up-to-date in an effort to mitigate this type of attack. He refers to information from the Microsoft Security Intelligence Report Volume 12 such as, Blacole which is the name given to a family of malware that, when encountered, will use any number of available exploits to compromise a system. It consists of a collection of malicious web pages that contain exploits for vulnerabilities in versions of Adobe Flash Player, Adobe Reader, Microsoft Data Access Components (MDAC), the Oracle Java Runtime Environment (JRE), and other popular products and components. The main recommendation by Tim is to keep all software in your environment up-to-date, not just Windows; assume attackers are targeting vulnerabilities in all prevalent software. Read more here - http://blogs.technet.com/b/security/archive/2012/07/19/the-rise-of-the-black-hole-exploit-kit-the-importance-of-keeping-all-software-up-to-date.aspx