Executive Summary: The National Institute of Standards and Technology (NIST) has traditionally published secure configuration guides for Apple desktop/laptop operating system versions as prose-based Special Publications (SPs), such as...
Day: August 29, 2022
CISA INSIGHTS – Preparing Critical Infrastructure for Post-Quantum Cryptography
Quantum Risk to Digital Communications: Nation-states and private companies are actively pursuing the capabilities of quantum computers. Quantum computing opens up exciting new possibilities; however, the consequences...
Secure Software Development Lifecycle Fundamentals by Codrut Andrei
SUMMARY: The Secure Software Development Lifecycle Fundamentals is a brief introduction to SDLC, its methods, available resources, and it is primarily written with the developer in mind. All...
Twilio Hackers Scarf 10K Okta Credentials in Sprawling Supply-Chain Attack
The "0ktapus" cyberattackers set up a well-planned spear-phishing effort that affected at least 130 orgs beyond Twilio...
Capital One Joins Open Source Security Foundation
OpenSSF welcomes Capital One as a premier member affirming its commitment to strengthening the open source software supply chain.
Endpoint Protection / Antivirus Products Tested for Malware Protection
Six out of the eight products achieved an "A" rating or higher for blocking malware attacks. Reports are...
How DevSecOps Empowers Citizen Developers
DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments. (Source: Dark Reading)
‘No-Party’ Data Architectures Promise More Control, Better Security
Consumers gain control of their data while companies build better relationships with their customers — but third-party ad-tech firms...
‘Sliver’ Emerges as Cobalt Strike Alternative for Malicious C2
Microsoft and others say they have observed nation-state actors, ransomware purveyors, and assorted cybercriminals pivoting to an open...
LastPass Suffers Data Breach, Source Code Stolen
Researchers warned that cyberattackers will be probing the code for weaknesses to exploit later. (Source: Dark Reading)
Rise in IoT vulnerability disclosures, up 57%
Vulnerability disclosures impacting IoT devices increased by 57% in the first half (1H) of 2022 compared to the previous six...
Attackers changing targets from large hospitals to specialty clinics
Critical Insight announced the release of the firm’s H1 2022 Healthcare Data Breach Report, which analyzes breach data...