What the Uber verdict means to CISOs: You're (probably) not going to jail
There seem to be two reactions to the verdict in the Sullivan case. One...
Day: October 28, 2022
New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants
Researchers have discovered a new attack framework of Chinese origin that they believe is being used...
Top skill-building resources and advice for CISOs
The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge...
BrandPost: Why Ease-of-Use is Central to Better Security
Here is an old joke from my days as a consultant. A customer asked, “How can I be sure...
Altruism under attack: why cybersecurity has become essential to humanitarian nonprofits
Humanitarian initiatives have always been of huge global importance, but perhaps never more so than over...
GitGuardian adds IaC scanning to code security platform to protect SDLC
GitGuardian has added infrastructure-as-code (IaC) scanning to its code security platform to enhance the security of...
8 top multi-factor authentication products and how to choose an MFA solution
Today’s credential-based attacks are much more sophisticated. Whether it’s advanced phishing techniques, credential stuffing, or...
Supply chain attacks increased over 600% this year and companies are falling behind
The number of documented supply chain attacks involving malicious third-party components has increased 633%...
High, medium severity vulnerabilities impacting Zimbra Collaboration Suite
Threat actors are actively exploiting multiple Common Vulnerabilities and Exposures (CVEs) against enterprise cloud-hosted collaboration software and email platform...
Attackers switch to self-extracting password-protected archives to distribute email malware
Distributing malware inside password-protected archives has long been one of the main techniques used by attackers to...
Financial losses to synthetic identity-based fraud to double by 2024
Losses to imposter scams based on synthetic identities—identities that only exist as figments in a credit reporting...
Securing your organization against phishing can cost up to $85 per email
As phishing attacks increase, preventing them from doing damage is proving costly for organizations. Phishing-related...
With Conti gone, LockBit takes lead of the ransomware threat landscape
The number of ransomware attacks observed over the previous three months declined compared to the previous...
96% of companies report insufficient security for sensitive cloud data
The vast majority of organizations lack confidence in securing their data in cloud, while many companies acknowledge...
IoT security strategy from enterprises using connected devices
IoT devices pose significant threats to enterprises because of lack of visibility into what devices are on enterprise networks...
It’s time to prioritize SaaS security
Did our focus on IaaS security come at the expense of SaaS security? Know what to guard against, especially excessive user...
When CISOs are doomed to fail, and how to improve your chances of success
There's a joke cryptographer Jon Callas likes to tell: CISO stands for Chief...
Iran’s nuclear energy agency confirms email server hacked
The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its Bushehr Nuclear Power Plant...
Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC
A secure by design approach is vital to protecting the...
Medibank Backtracks: All Customer Data Was Exposed to Hackers
Insurer’s incident response processes under fire
GitHub Bug Exposed Repositories to Hijacking
Checkmarx warns over 10,000 popular packages could be vulnerable
Blockchain security companies tackle cryptocurrency theft, ransom tracing
According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through...
Thomson Reuters Leaks at Least 3TB of Personal Data
Thomson Reuters, a multinational media conglomerate, left at least three of its databases open which resulted in the...
White House Launches Chemical Sector Security Sprint
Bid to improve critical national infrastructure continues
8 hallmarks of a proactive security strategy
CISOs have long been tasked with building response and recovery capabilities, the objective being to have teams that can react...
Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends
Separately, charges slapped on alleged operator of dark market, The Real Deal. Mark Sokolovsky, 26, a...
US Education Sector Attacked by Vice Society Ransomware
The US has recently been confronted with a threat actor named ‘Vice Society’, which has been using ransomware and...
LinkedIn Unveils New Security Features to Tackle Fraud
The social media company made the announcement in a blog post on Tuesday
Akamai to boost network-layer DDoS protection with new scrubbing centers
Content delivery network (CDN) provider Akamai said Tuesday that its Prolexic DDoS protection service will become able...
What Is Federated Identity?
In information technology, federated identity refers to a method for connecting an individual’s digital identity and characteristics across numerous distinct identity management systems....