IT and Security - Information Management Today

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Krebs on Security

JUNE 8, 2023

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. The Barracuda Email Security Gateway (ESG) 900 appliance. Campbell, Calif.

IT

IT Security Ransomware Encryption

New Rules for Shipbuilding Focus on IT/OT Cybersecurity

Data Breach Today

APRIL 4, 2024

New IACS Rules to Secure Onboard Digital Systems, Equipment Go Into Effect July 1 IT and OT security experts say threats to shipping underscore the need for more stringent regulations for passenger, cargo and high-speed vessels by the International Association of Classification Societies.

Cybersecurity

Cybersecurity IT Security

Choosing the right IT security partner: How Jamf fulfills your IT security need

Jamf

APRIL 17, 2024

Learn how choosing the right partner for your security needs can veritably make or break your cybersecurity plan. Also, gain a better understanding of how Jamf solutions integrate to address the challenges of the modern threat landscape through Trusted Access for top-to-bottom and end-to-end protection of your enterprise.

IT

IT Security Cybersecurity Access

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Why Cybereason Is Making Its 3rd Round of Layoffs Since 2022

Data Breach Today

MARCH 20, 2024

Among the exiting employees is Zohar Alon, the longtime Dome9 Security leader who joined Cybereason just 11 months ago as president of product and research and development.o joined Cybereason just 11 months ago as president of product and research and development.

IT

IT Security

7 Pitfalls for Apache Cassandra in Production

Overlooking Security Considerations. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance. The topics covered include: Using Cassandra as if it were a Relational Database. Managing Delete Heavy Workloads. Running Unoptimized Queries.

Security

Feds Tackling Information Security in Government Procurement

Data Breach Today

APRIL 1, 2024

GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems.

Information Security

Information Security Government Security Cybersecurity

Is Microsegmentation for Zero Trust Defenses Worth It?

Data Breach Today

FEBRUARY 27, 2024

Forrester's David Holmes on Why CISOs Must Evaluate Microsegmentation in Cloud Microsegmentation is a fundamental concept in zero trust security, but CISOs should assess its feasibility before diving in.

IT

IT Cloud Security

CIA Finds It Failed to Secure Its Own Systems

Data Breach Today

JUNE 17, 2020

Senator Wyden Releases CIA's Own 2017 Report Into Leak of 'Vault 7' Hacking Tools An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked (..)

IT

IT Security Data breaches

French Security Firm Says Hackers Accessed Its Source Code

Data Breach Today

FEBRUARY 5, 2021

Stormshield Is a Major Supplier of Security Products to the French Government French security vendor Stormshield has launched an investigation after an internal review found that hackers accessed the source code of the company's network security product.

Access

Access Security IT Government

The Essential Guide to Building Analytic Applications

What should software teams know about implementing security that works with the rest of their products? What should product managers keep in mind when adding an analytics project to their roadmap?

Analytics

Good Governance: 'It's All Hygiene'

Data Breach Today

NOVEMBER 30, 2023

In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."

Government

Government IT Security

Boosting Security Resilience and Defending the IT Ecosystem

Data Breach Today

JUNE 9, 2022

Jeetu Patel of Cisco Discusses the Critical Ability to 'Bounce Back' From Incidents With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.

Financial Services

Financial Services Security IT Risk

Cisco addressed severe flaws in its Secure Client

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338.

Security

Security IT Authentication Libraries

Navigating the complex world of IT security: how unified security simplifies protection

Jamf

MARCH 20, 2024

Securing your organization is a difficult task. Learn how a unified security platform makes security easier. Choosing the right software solutions can help.

Security

Security IT

The Essential Guide to Analytic Applications

We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges.

Analytics

Florida City's Water Hack: Poor IT Security Laid Bare

Data Breach Today

FEBRUARY 11, 2021

The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.

IT

IT Passwords Security Access

Florida's Water Hack: Poor IT Security Laid Bare

Data Breach Today

FEBRUARY 10, 2021

The incident is likely to raise questions over the vulnerability of critical infrastructure in small towns on slim IT security budgets.

IT

IT Passwords Security Access

Okta to Acquire Spera Security

Data Breach Today

DECEMBER 19, 2023

Okta Says Acquisition Will Expand Its Ability to Detect High-Risk Accounts Okta finalized an agreement to acquire Spera Security, saying the purchase will expand its ability to track risky accounts and access misconfigurations.

Security

Security Risk Access IT

Honeywell's James DeLuccia on Product Security vs IT Defense

Data Breach Today

OCTOBER 31, 2022

Consistency Is the Objective in IT Security, But Product Security Must Be Flexible Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product (..)

IT

IT Security

7 Questions Every App Team Should Ask

Which sophisticated analytics capabilities can give your application a competitive edge? In its 2020 Embedded BI Market Study, Dresner Advisory Services continues to identify the importance of embedded analytics in technologies and initiatives strategic to business intelligence.

Analytics

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

JULY 18, 2022

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

Risk

Risk Privacy Security IT

Iranian Hackers Target Israeli Logistics and IT Companies

Data Breach Today

NOVEMBER 9, 2023

Iranian Espionage Group Used Tactics From Previous Campaigns Security company CrowdStrike said it had observed Iranian hacker group Imperial Kitten, also known as TA456, Crimson Sandstorm and Tortoiseshell, conducting web compromise operations between 2022 and 2023 to infiltrate Israeli logistics, transportation and technology companies.

IT

IT Security

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Data Breach Today

MARCH 14, 2024

Zscaler Purchase Aims to Revolutionize Zero Trust Cybersecurity With Advanced AI Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models.

Security

Security Cybersecurity IT

CISA Launches New Efforts to Secure Open-Source Ecosystem

Data Breach Today

MARCH 7, 2024

Cybersecurity and Infrastructure Security Agency hopes to expand voluntary information sharing between the federal government and open-source software operators with a series of actions the agency announced following a two-day open-source security summit held at its Virginia headquarters.

Security

Security Cybersecurity Government IT

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

On Point: Offensive Security for Mobile Network Operators

Data Breach Today

JANUARY 22, 2024

Build Resiliency by Simulating Real-World Attacks and Gaining Insight Into Threats As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own.

Security

Security Encryption IT

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, and 22.5R1.1); Policy Secure version 22.5R1.1;

Security

Security IT Authentication Access

Best Practices to Pass an IT Security Audit

Data Breach Today

APRIL 5, 2023

Josh Hankins of Qualys on Tips and Tricks He Learned as a Practitioner Before he became a chief technical security officer at Qualys, Josh Hankins was a cybersecurity leader in financial services. He learned how security audit failures are increasingly costly, and he devised new strategies for audit preparation.

Financial Services

Financial Services Security IT Cybersecurity

Joe Sullivan: What's a Breach? 'It's a Complicated Question'

Data Breach Today

OCTOBER 5, 2023

The Question is Also One for the Legal Team to Own, Says Uber's Former CSO Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S.

IT

IT Data breaches Security

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Will Cybersecurity Get Its 1st New Unicorn Since June 2022?

Data Breach Today

MARCH 13, 2024

Data Security Startup Cyera Seeks to Raise $150M to $200M at a Valuation of $1.55B Cyera is raising between $150 million and $200 million in a new funding round that would value the Silicon Valley-based data security startup at as much as $1.55

Cybersecurity

Cybersecurity IT Security

Proactive Security: What It Means for Enterprise Security Strategy

Dark Reading

SEPTEMBER 26, 2023

Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings.

Security

Security IT

Ivanti Patches Critical Endpoint Security Vulnerability

Data Breach Today

JANUARY 7, 2024

SQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint Manager Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers.

Security

Security IT

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

FEBRUARY 29, 2024

Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand.

Security

Security Ransomware IT Access

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

Data Breach Today

MARCH 18, 2024

Data Security Vendor Retains Unicorn Status With Riverwood Capital-Led Growth Round A data security firm led by a former CA Technologies executive raised $60 million to boost both organic and inorganic expansion around data and compliance.

Compliance

Compliance Security Access IT

IT-OT Convergence: Taking the Right Security Measures

Data Breach Today

SEPTEMBER 13, 2021

Meralco's Mel Migriño on How to Ensure OT Security In addition to doing asset inventory, it is important to profile the risks of each asset to ensure OT security, says Mel Migriño, vice president and group CISO at Meralco, the largest power distribution unit in the Philippines.

IT

IT Security Risk

Synopsys Greenlights Sale of $525M Application Security Unit

Data Breach Today

MARCH 21, 2024

Software Integrity Business Could Fetch More Than $3B, Attract Private Equity Firms Synopsys' board of directors signed off Wednesday on selling the company's $525 million application security testing business to focus exclusively on design automation and IP.

Sales

Sales Security IT

Wyze Security Incident Exposes Private Cameras

Data Breach Today

FEBRUARY 21, 2024

13,000 Users Received Incorrect Thumbnails; 1,504 Tapped on Them, Risking Privacy A glitch in Wyze home security cameras permitted thousands of users to catch glimpses inside strangers' homes as its cloud system came back online after an hourslong outage.

Security

Security Cloud Privacy Risk

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter.

Security

Report: CIA Failed to Secure Its Own Systems

Data Breach Today

JUNE 16, 2020

Senator Wyden Releases 2017 Report That Blames Lack of Security for Leaks An internal CIA report released Tuesday found that the agency's failure to secure its own systems led to the massive 2017 data breach that enabled classified information, including details on 35 CIA hacking tools, to be leaked to WikiLeaks.

IT

IT Security Data breaches

Experts Say Chinese Safes Pose Risks to US National Security

Data Breach Today

MARCH 14, 2024

Senator Urges Government to Tell Public About Little-Known Manufacturer Reset Codes Experts told ISMG that Chinese-made locks and commercial safes could pose national security risks when used by major U.S.

Risk

Risk Manufacturing Security Government

Microsoft's Latest Hack Sparks Major Security Concerns

Data Breach Today

JANUARY 22, 2024

Experts Warn Tech Giant Faces Potential for Future Cyberattacks After Email Hacking Security experts told ISMG they were concerned Microsoft could suffer future cyberattacks and threats to its customers after a Russian state hacking group managed to evade detection for several weeks while targeting accounts associated with the company’s top executives. (..)

Security

Security IT

Understanding Security Frameworks: Guide for IT Security Professionals

Jamf

AUGUST 9, 2023

In this webinar series, Aaron Webb explains what security frameworks are, their importance and explains the critical role they play when securing your organization’s environment.

Security

Security IT Compliance Risk

Your Team's Pragmatic Guide to Security

Speaker: Naresh Soni, CTO, Tsunami XR

The pandemic has led to new data vulnerabilities, and therefore new cyber security threats. As technology leaders, it's time to rethink some of your product security strategy. Whether you need to rework your security architecture, improve performance, and/or deal with new threats, this webinar has you covered.

Security

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

New Rules for Shipbuilding Focus on IT/OT Cybersecurity

Webinars

Trending Sources

Choosing the right IT security partner: How Jamf fulfills your IT security need

Webinars

Why Cybereason Is Making Its 3rd Round of Layoffs Since 2022

7 Pitfalls for Apache Cassandra in Production

Feds Tackling Information Security in Government Procurement

Is Microsegmentation for Zero Trust Defenses Worth It?

CIA Finds It Failed to Secure Its Own Systems

French Security Firm Says Hackers Accessed Its Source Code

The Essential Guide to Building Analytic Applications

Good Governance: 'It's All Hygiene'

Boosting Security Resilience and Defending the IT Ecosystem

Cisco addressed severe flaws in its Secure Client

Navigating the complex world of IT security: how unified security simplifies protection

The Essential Guide to Analytic Applications

Florida City's Water Hack: Poor IT Security Laid Bare

Florida's Water Hack: Poor IT Security Laid Bare

Okta to Acquire Spera Security

Honeywell's James DeLuccia on Product Security vs IT Defense

7 Questions Every App Team Should Ask

Assessing the Privacy, Security Risks of Digital Health IT

Iranian Hackers Target Israeli Logistics and IT Companies

Zscaler Expands AI Security Capabilities by Acquiring Avalor

CISA Launches New Efforts to Secure Open-Source Ecosystem

5 Early Indicators Your Embedded Analytics Will Fail

On Point: Offensive Security for Mobile Network Operators

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Best Practices to Pass an IT Security Audit

Joe Sullivan: What's a Breach? 'It's a Complicated Question'

How to Package and Price Embedded Analytics

Will Cybersecurity Get Its 1st New Unicorn Since June 2022?

Proactive Security: What It Means for Enterprise Security Strategy

Ivanti Patches Critical Endpoint Security Vulnerability

Fulton County, Security Experts Call LockBit’s Bluff

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

IT-OT Convergence: Taking the Right Security Measures

Synopsys Greenlights Sale of $525M Application Security Unit

Wyze Security Incident Exposes Private Cameras

Shift Left Security? Development Does Not Want to Own It.

Report: CIA Failed to Secure Its Own Systems

Experts Say Chinese Safes Pose Risks to US National Security

Microsoft's Latest Hack Sparks Major Security Concerns

Understanding Security Frameworks: Guide for IT Security Professionals

Your Team's Pragmatic Guide to Security

Stay Connected