Schneier on Security

SEPTEMBER 18, 2020

Uncategorized humor passwords security questionsPosted three years ago, but definitely appropriate for the times.

Passwords 90

Passwords Security 90

WIRED Threat Level

SEPTEMBER 20, 2020

Security Security / Security AdviceThe latest update for your iPhone and iPad will make them safer than ever.

Privacy 103

Privacy Security 103

Data Breach Today

JULY 3, 2020

ENISA's Rossella Mattioli Reviews New Report Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents

Cybersecurity 143

Cybersecurity Security Information Security 143

Schneier on Security

JANUARY 14, 2020

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat.

Security 114

Security Encryption Marketing Data collection 114

Data Breach Today

MARCH 27, 2020

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft

Insurance 192

Insurance Ransomware Security IT 192

Security Affairs

SEPTEMBER 20, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 282 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!

Manufacturing 63

Manufacturing Phishing Security Encryption 63

Data Breach Today

MARCH 2, 2020

Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed. Dr. Anton Chuvakin of Chronicle explains how

Analytics 152

Analytics Security 152

Data Breach Today

AUGUST 6, 2020

Security Researcher, CISA Director Raise Serious Concerns A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election

Ransomware 126

Ransomware Security 126

Data Breach Today

SEPTEMBER 2, 2020

Neal O'Farrell on the Importance of Stress Management Increasing stress levels for cybersecurity professionals pose a serious organizational security risk, says Neal O'Farrell, founder of the PsyberResilience Project, a mental health advocacy group

Cybersecurity 151

Cybersecurity Risk Security 151

Data Breach Today

JULY 11, 2018

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

IoT Security 208

Data Breach Today

APRIL 3, 2020

News Reports Say Officials Investigating After Thousands Could Not Access Site Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.

Security 181

Security Access 181

Data Breach Today

JULY 31, 2020

More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack

Manufacturing 184

Manufacturing Security 184

Data Breach Today

SEPTEMBER 14, 2020

ISMG View: Unless There's More To It, Database Appears to be Scraped Public Data A leaked database compiled by a Chinese company has suddenly become the focus of multiple media reports, warning that it could be used as an espionage instrument by Beijing.

Security 226

Security IT 226

Schneier on Security

APRIL 10, 2020

A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework. cybersecurity opensource securityengineering

Security 86

Security Cybersecurity 86

Krebs on Security

DECEMBER 1, 2018

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

Security 279

Security Passwords Phishing Data breaches 279

Data Breach Today

AUGUST 18, 2020

Palo Alto Networks' Sean Duca Describes the Cloud-Delivered Service Model The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works

Cloud 209

Cloud Access Security 209

Data Breach Today

JUNE 26, 2020

This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity

IoT 127

IoT Security 127

Data Breach Today

SEPTEMBER 5, 2020

Voatz Files Amicus Brief In Case Headed to the US Supreme Court In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities.

Security 200

Security 200

Data Breach Today

MAY 20, 2019

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

Paper 212

Paper Security 212

Micro Focus

SEPTEMBER 9, 2020

In the first blog of three we discussed how the mainframe must meet new demands in connectivity and security. In this final blog, Barbara Ballard looks at endpoint hardening and wraps up the options for extending enterprise-level security to the mainframe.

Access 84

Access Data Privacy Privacy Security 84

Data Breach Today

MARCH 27, 2019

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security. NTT Security's Khiro Mishra and WhiteHat Security's Craig Hinkley say the deal will help bring more application security - and DevSecOps - products, services and smarts to more organizations

Security 142

Security 142

WIRED Threat Level

SEPTEMBER 10, 2020

Security Security / Cyberattacks and HacksFive out of six brands tested by researchers would have allowed hackers to track kids—and in some cases eavesdrop on them.

Security 105

Security 105

Micro Focus

AUGUST 24, 2020

To remain, it must meet new demands for device connectivity and security. In the first of three blogs, Barbara Ballard assesses how the enterprise is extending enterprise-level security to the mainframe with access.

Access 74

Access Security Cloud IT 74

Data Breach Today

AUGUST 6, 2020

Peter Yapp, former deputy director at the UK's National Cyber Security Center, provides insights on building a stronger security infrastructure Insights on Protecting Customer Data During the Pandemic As organizations collect more consumer data during the COVID-19 pandemic, how can they protect it?

Security 116

Security IT 116

Data Breach Today

AUGUST 14, 2020

With the surge in telehealth use during the COVID-19 pandemic, healthcare organizations must be prepared to deal with cloud security and privacy risks, says Jim Angle of Trinity Health, who is the author of a recent report from the Cloud Security Alliance

Risk 145

Risk Cloud Privacy Security 145

Data Breach Today

SEPTEMBER 12, 2020

Legislation Seeks to Address ID Theft and Fraud Stemming From Breaches A bipartisan bill is looking to take some initial steps in creating nation-wide digital identity standards that can address a range of security issues, including theft and fraud stemming from data breaches.

Data breaches 171

Data breaches Security 171

Schneier on Security

JULY 7, 2020

They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things.". Offering incentives for integrating security. Establishing regularly updated baseline security requirements.

IoT 94

IoT Security Privacy IT 94

Data Breach Today

JUNE 15, 2020

Check Point Research Claims Firm Sold CloudEyE Dropper Trojan An Italian cybersecurity company allegedly was a front for a criminal gang selling access to a dropper Trojan known as CloudEyE, according to analysts at the security firm Check Point Research

Cybersecurity 173

Cybersecurity Access Security 173

Data Breach Today

MARCH 5, 2020

Now, how do you secure it? David Wagner of Zix on Rising to the Challenges of Cloud Remote workers, connected devices, cloud services and infrastructure - these are the elements of the new workplace. That's the challenge discussed by David Wagner, CEO of Zix

Cloud 127

Cloud Security IT 127

OpenText Information Management

SEPTEMBER 14, 2020

As many of us are still working from home today, security is top of mind. We want to hear from you about your experiences with security and remote work over the last few months. If you take the time to … The post MaskOn for Security giveaway appeared first on OpenText Blogs.

Security 62

Security 62

Krebs on Security

JUNE 17, 2020

“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” The analysis highlights a shocking series of security failures at one of the world’s most secretive organizations, but the underlying weaknesses that gave rise to the breach also unfortunately are all too common in many organizations today. Here are a few, in no particular order: Failing to rapidly detect security incidents.

Security 163

Security Security awareness Authentication Passwords 163

Data Breach Today

MAY 15, 2020

The latest edition of the ISMG Security Report discusses securing RDP to prevent ransomware attacks. Also featured: A look at three likely scenarios for the COVID19 pandemic, and an analysis of why we're still using PINs for certain card payments

Ransomware 167

Ransomware Security 167

Data Breach Today

MARCH 12, 2020

A cloud computing security model needs to be customized to fit how the cloud provider serves its clients, says privacy attorney Adam Greene

Cloud 116

Cloud Privacy Security IT 116

Krebs on Security

MARCH 25, 2020

Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. The text I have a beef with is the bit on the right, beneath the “This site is secure” statement.

Government 196

Government Security Encryption Phishing 196

Data Breach Today

MAY 24, 2019

First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense

Encryption 153

Encryption Security Data breaches 153

Data Breach Today

MARCH 3, 2020

Cisco's Head of Advisory CISOs on How Best to Serve Users In an RSA 2020 conference keynote, Cisco's Wendy Nather spoke of "democratizing security" - thinking differently about the people we serve and secure. She expands on that theme and discusses her role as head of advisory CISOs at Cisco's Duo Security unit

Security 141

Security 141

Data Breach Today

JANUARY 14, 2020

Security Experts Recommend Holdouts Review Their IT Strategy and Cloud Options Microsoft has ceased offering free security updates for its Windows 7 operating system, as well as Windows Server 2008 and 2008 R2.

Cloud 203

Cloud Security IT 203

Security Affairs

SEPTEMBER 16, 2020

The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The Secure Boot mechanism allows the execution of only software that is trusted by the Original Equipment Manufacturer (OEM). .

Manufacturing 78

Manufacturing Security Data breaches Information Security 78

Data Breach Today

SEPTEMBER 5, 2019

Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos

Artificial Intelligence 136

Artificial Intelligence Security Cloud 136

Data Breach Today

AUGUST 3, 2020

Walgreens and CVS Are Among the Chains Affected As more reports emerge regarding data breaches at pharmacy chains as a result of earlier break-ins and looting incidents during civil unrest, security experts are calling attention to important security issues, including the need to check physical security measures as well as encrypt mobile devices

Encryption 130

Encryption Data breaches Security 130