WIRED Threat Level

JANUARY 24, 2021

Security Security / Security NewsZombie versions of Adobe’s troubled software can still cause problems in systems around the world.

Security 95

Security 95

The Last Watchdog

DECEMBER 8, 2020

Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. Related: The shared burden of securing the Internet of Things. Security, meanwhile, has morphed into a glut of point solutions that mostly serve to highlight the myriad gaps in an ever-expanding attack surface. It’s called Secure Access Service Edge, or SASE , as coined by research firm Gartner.

Security 137

Security Access Cloud Cybersecurity 137

Security Affairs

DECEMBER 3, 2020

Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages, the malware hides in social media buttons. Security experts at Sansec have detailed a new technique used by crooks to inject a software skimmer into checkout pages.

Security 111

Security Cloud Information Security IT 111

IT Governance

MAY 27, 2021

For all the talk of criminal hacking, ransomware infections and the technologies to prevent them, the key to protecting your organisation is cyber security awareness training. The importance of cyber security staff awareness. Cyber security awareness best practices.

Security awareness 66

Security awareness Data breaches Security Ransomware 66

Advertisement

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Cloud

Security Affairs

DECEMBER 21, 2020

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The post SUPERNOVA, a backdoor found while investigating SolarWinds hack appeared first on Security Affairs.

Security 114

Security Libraries Information Security IT 114

Data Breach Today

APRIL 6, 2021

This is reality for most enterprises today, and it’s changed the role of endpoint security solutions. Cisco’s Elias Levy on the Leap From EDR to XDR and What It Means Exponentially more devices on the network mean proportionately less visibility.

Security 173

Security IT 173

Data Breach Today

MARCH 19, 2021

Protecting Servers Is Foundational For Modern Data Center Security. View this OnDemand webinar to learn how VMware Carbon Black is delivering unified workload protection that’s purpose-built for vSphere

Security 211

Security 211

Schneier on Security

FEBRUARY 19, 2021

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. A published private key provides no security at all.

Security 110

Security Paper IT 110

Data Breach Today

DECEMBER 4, 2020

Experian's David Britton on Identity Governance and Security Organizations can enhance security while maintaining a good customer experience by leveraging data for authentication, says David Britton of Experian

Customer Experience 156

Customer Experience Authentication Security Government 156

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

The new DevSecOps team is up and running, and you feel ready to take on rising security threats while delivering quality software updates. But that leaves just one question: how do you monitor your new program as effectively and efficiently as possible? Join Shannon Lietz, Director of DevsecOps at Intuit, and award-winning innovator, to learn the answers to these questions so you can lead your DevSecOps team to the top!

Security

Krebs on Security

APRIL 26, 2021

Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space.

Security 238

Security Authentication Insurance Sales 238

Data Breach Today

MARCH 30, 2021

Agency Describes How to Apply Its Cybersecurity Framework NIST has drafted guidelines for how to use its cybersecurity framework to address cyberthreats and other security issues that can target state and local election infrastructure and disrupt voting

Cybersecurity 174

Cybersecurity Security IT 174

Data Breach Today

JULY 3, 2020

ENISA's Rossella Mattioli Reviews New Report Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents

Security 186

Security Cybersecurity Information Security 186

Data Breach Today

OCTOBER 28, 2020

Cloud Pak for Security Digital transformation is accelerating. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets.

Cloud 155

Cloud Digital transformation Security IT 155

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.

Security

Data Breach Today

NOVEMBER 13, 2020

These are the results that banking institutions can receive by shifting security to the cloud, says David Vergara of OneSpan. "Better, cheaper, faster." At a time when multi-channel fraud is surging and the customer experience is paramount, cloud needs serious consideration, he says

Cloud 165

Cloud Customer Experience Security 165

Data Breach Today

MARCH 27, 2020

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft

Insurance 248

Insurance Security Ransomware IT 248

Data Breach Today

MAY 18, 2021

ChristianaCare CISO Anahi Santiago on Securing Hospitals Without Borders Telehealth, a remote workforce, cloud migration - these were dreams, but not reality for many healthcare CISOs pre-pandemic. Today's a new world, and ChristianaCare CISO Anahi Santiago is happy to be helping to secure it.

Cloud 164

Cloud Security IT 164

Data Breach Today

MARCH 2, 2020

Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed.

Analytics 198

Analytics Security 198

Speaker: Naresh Soni, CTO, Tsunami XR

The pandemic has led to new data vulnerabilities, and therefore new cybersecurity threats. As technology leaders, it's time to rethink some of your product security strategies. Whether you need to rework your security architecture, improve performance, and/or deal with new threats, this webinar has you covered.

Security

Data Breach Today

JUNE 15, 2021

Risk 145

Risk Access Security 145

Data Breach Today

MAY 5, 2021

With all the talk of sophisticated adversaries and evolving threats to users and devices – what about threats to building management systems? Jeremy Morgan of Industrial Defender discusses this threat landscape and the role of automated tools to defend it

Security 165

Security IT 165

Data Breach Today

APRIL 23, 2021

Discussion Also Tackles Market Trends, Nation-State Threats Four editors at Information Security Media Group review important cybersecurity developments, including improving security for cryptocurrencies

Cybersecurity 166

Cybersecurity Marketing Information Security Security 166

Data Breach Today

NOVEMBER 9, 2020

Agency Requires Comprehensive Security Program As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S.

Security 237

Security IT 237

Advertisement

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Paper

Data Breach Today

MAY 3, 2021

Permanent Fix Replaces Earlier Workaround Ivanti, parent company of Pulse Secure, published a permanent fix Monday for a zero-day vulnerability in Pulse Connect Secure VPN products that has been exploited to target U.S.

Security 173

Security Government 173

Data Breach Today

MAY 28, 2021

FireEye: Attackers Using New Malware and Procedures Two China-linked threat groups are still exploiting unpatched flaws in Ivanti's Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye's Mandiant Threat Intelligence team says

Security 153

Security 153

Schneier on Security

APRIL 10, 2020

A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework.

Security 113

Security Cybersecurity 113

Data Breach Today

JULY 22, 2020

Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.

Phishing 190

Phishing Security 190

Data Breach Today

APRIL 20, 2021

Vulnerabilities Exploited Include a Zero-Day in Ivanti's Pulse Connect Secure The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that U.S.

Cybersecurity 221

Cybersecurity Government Security 221

Data Breach Today

JUNE 5, 2021

Cyber Security Council is a new self-regulatory body for the profession. Claudia Natanson Describes Vision of U.K.’s s New Self-Regulatory Body U.K. It is tasked by the U.K. Government to execute their vision for the U.K.

Education 207

Education Security Government IT 207

Data Breach Today

APRIL 28, 2021

Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack NIST, CISA Highlight Key Steps to Take The U.S.

Cybersecurity 164

Cybersecurity Security 164

Data Breach Today

MAY 26, 2021

After SolarWinds Attack, Agencies Are Not Making Security Upgrades, GAO Reports More than five months after the SolarWinds supply chain attack came to light, federal agencies continue to struggle with supply chain security, according to a top GAO official who testified before a House committee

Security 145

Security 145

Data Breach Today

APRIL 23, 2021

CISA Describes APT Group's Methods An advanced persistent threat group gained long-term access to an unnamed entity's network through its Ivanti Pulse Secure VPN and SolarWinds' Orion server and then installed Supernova malware, according to the U.S.

Cybersecurity 166

Cybersecurity Security Access IT 166

Data Breach Today

JUNE 18, 2021

National Security Agency has released new guidance to help federal agencies as well as business enterprises protect their unified communications channels and voice/video over IP calls from cyberthreats Guidance Spells Out Best Risk Mitigation Practices The U.S.

Communications 161

Communications Risk Security 161

Data Breach Today

NOVEMBER 19, 2020

Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Com of VMware, who describes this "intrinsic security" approach

Cloud 152

Cloud Security 152

Data Breach Today

NOVEMBER 10, 2020

election security measures seem to have worked. Cybersecurity Strategist Warns of Pre-Inauguration Nation-State Strikes The good news: U.S. The bad news: Disinformation and misinformation campaigns continue.

Cybersecurity 235

Cybersecurity Security 235

Data Breach Today

APRIL 16, 2021

Effective software security means enabling the development team with the tools and training it needs to fix what they find. Join this session to find out best practices in remediating software vulnerabilities in smart ways

Security 169

Security IT 169

Krebs on Security

MARCH 16, 2021

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else.

Security 270

Security Authentication Passwords Communications 270