ICYMI: Pen testing tool or exploit? 6 samples of ways hackers get in

HP: 100% of smartwatches have security flaws. What can we learn from JPMorgan's insider breaches?. CSO Update July 28, 2015 ICYMI: Pen testing tool or exploit? 6 samples of ways hackers get in Attackers use the same tools in attacks that pen testers use to test. Six sample vulnerabilities and exploits. READ MORE   Issue highlights 1. HP: 100% of smartwatches have security flaws 2. What can we learn from JPMorgan's insider breaches? 3. The Irari Report: Threat Intelligence and the Dark Web 4. Google Drive phishing is back -- with obfuscation 5. Hacked Opinions: Vulnerability disclosure – Sam Curry 6. Predicting winners and losers in the EMV rollout Resource compliments of: Skyhigh Networks [eBook] The Definitive Guide to Cloud Security Based on Gartner's framework for managing cloud security, this eBook provides IT and Security teams with step-by-step checklists for managing the cloud security lifecycle. Whether you're just starting to define processes and policies, or reviewing an existing framework, this guide will get you started with best practices and useful action items. Download the Guide! HP: 100% of smartwatches have security flaws In a recent security assessment of ten smartwatches and their iOS and Android companion applications, every single watch had at least one significant security flaw, according to a new report from HP Fortify READ MORE What can we learn from JPMorgan's insider breaches? Another former JPMorgan Chase & Co. (JPMC) employee was recently arrested by the FBI on charges of stealing customer data and trying to sell it. Similar incidents have occurred multiple times at JPMC over the past few years. Upon closer inspection a common thread emerges from each of these incidents -- JPMC's inability to account for insider threats. READ MORE White Paper: CrowdStrike Beyond Malware: Detecting the Undetectable Download this white paper to understand how successful attacks targeting high-profile government and corporate entities are able to easily bypass traditional defenses. Find out how some organizations are now able to detect and respond to malware-free intrusions using next generation endpoint protection technology. View more The Irari Report: Threat Intelligence and the Dark Web Video READ MORE Google Drive phishing is back -- with obfuscation If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking -- it could be a phishing scam designed to harvest your Google credentials READ MORE White Paper: CrowdStrike Cyber Attack Survival Checklist Download this checklist and learn how to avoid common mistakes and eliminate deficiencies within your existing security measures, providing practical steps for enhancing your effectiveness against the stealthiest adversaries and attacks. Learn more Hacked Opinions: Vulnerability disclosure – Sam Curry Arbor Networks' Sam Curry talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts. READ MORE Predicting winners and losers in the EMV rollout On October 1, the liability for credit card fraud shifts from card issuers to retailers that haven't transitioned to accept cards that use new EMV technology. Some groups will be more ready than others. READ MORE White Paper: Citrix | HP Field Service Mobility Solutions Improve Customer Experience Customers expect to get what they want in their mobile moment. They expect to access any information or services from any device, in their immediate context, at their moment of need. As a result, mobility has become central to the delivery of a high-quality customer experience and often, by extension, the employee experience. Learn More Top 5 Stories Ashley Madison hack exposes IT details and customer records Hacking Team hacked, attackers claim 400GB in dumped data Just get rid of Java finally Microsoft releases out-of-band patch for all versions of Windows So, you want a Masters Degree in cybersecurity?   Editor's Picks 15 hot, new security and privacy apps for Android and iOS How to get creative with your penetration testing 5 security bolstering strategies that won't break the bank What's wrong with this picture?The NEW clean desk test Inside an attack by the Syrian Electronic Army   Follow CSO Online You are currently subscribed to cso_update as jonsan98@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy Learn about INSIDER When accessing content promoted in this email, you are providing consent for your information to be shared with the sponsors of the content. Please see our Privacy Policy for more information. If you are interested in advertising in this newsletter, please contact: online@cxo.com Copyright (C) 2015 CSO Online Media Group, 492 Old Connecticut Path, Framingham, MA 01701 ** Please do not reply to this message. To contact someone directly, send an e-mail to online@csoonline.com. **