Expert insights. Personalized for you.
More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack. MORE
election security measures seem to have worked. Cybersecurity Strategist Warns of Pre-Inauguration Nation-State Strikes The good news: U.S. The bad news: Disinformation and misinformation campaigns continue. MORE
Peiter Zatko Will Help Social Media Firm That Faces Security Concerns Twitter has hired network security expert Peiter Zatko to serve in the newly created position of head of security following a series of high-profile cyber incidents. MORE
Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 289 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! MORE
Uncategorized humor passwords security questionsPosted three years ago, but definitely appropriate for the times. MORE
With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet. MORE
Now, how do you secure it? David Wagner of Zix on Rising to the Challenges of Cloud Remote workers, connected devices, cloud services and infrastructure - these are the elements of the new workplace. That's the challenge discussed by David Wagner, CEO of Zix MORE
A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework. cybersecurity opensource securityengineering MORE
These are the results that banking institutions can receive by shifting security to the cloud, says David Vergara of OneSpan. "Better, cheaper, faster." At a time when multi-channel fraud is surging and the customer experience is paramount, cloud needs serious consideration, he says MORE
Peter Yapp, former deputy director at the UK's National Cyber Security Center, provides insights on building a stronger security infrastructure MORE
Over at Lawfare: “ 2020 Is An Election Security Success Story (So Far).” ” What’s more, the voting itself was remarkably smooth. MORE
The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices MORE
Now for the big challenge - security. The "s" in IoT is for Security Ok, so the joke is a stupid oldie, but a hard truth lies within it: there have been some shocking instances of security lapses in IoT devices. IoT Security MORE
Security Researcher, CISA Director Raise Serious Concerns A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. MORE
Walgreens and CVS Are Among the Chains Affected As more reports emerge regarding data breaches at pharmacy chains as a result of earlier break-ins and looting incidents during civil unrest, security experts are calling attention to important security issues, including the need to check physical security measures as well as encrypt mobile devices. MORE
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. MORE
Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed. Dr. Anton Chuvakin of Chronicle explains how MORE
Employees are often your first line of security defense when the bad guys come calling -- providing your workers are properly trained. Security leaders share how they're raising awareness MORE
ENISA's Rossella Mattioli Reviews New Report Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents MORE
The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat. But keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. The 5G security problems are threefold. It's really too late to secure 5G networks. MORE
Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Com of VMware, who describes this "intrinsic security" approach MORE
In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. MORE
Agency Requires Comprehensive Security Program As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S. MORE
Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security MORE
Cloud Pak for Security Digital transformation is accelerating. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets. MORE
First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense MORE
A judge found that it infringed on four patents held by network security firm Centripetal Networks MORE
Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos MORE
This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity MORE
NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security. NTT Security's Khiro Mishra and WhiteHat Security's Craig Hinkley say the deal will help bring more application security - and DevSecOps - products, services and smarts to more organizations MORE
150 
A cloud computing security model needs to be customized to fit how the cloud provider serves its clients, says privacy attorney Adam Greene MORE
Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft. MORE
Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft MORE
Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense. MORE
Its failure to properly secure chatbot software led to attackers stealing at least 9.4 Following Alerts of Potential Fraud, Ticketmaster Took 9 Weeks to Spot Big Breach Ticketmaster UK has been fined $1.7 MORE
Security Related Topics Data Breach Today
NOVEMBER 13, 2020
These are the results that banking institutions can receive by shifting security to the cloud, says David Vergara of OneSpan. "Better, cheaper, faster." At a time when multi-channel fraud is surging and the customer experience is paramount, cloud needs serious consideration, he says
Data Breach Today
NOVEMBER 19, 2020
Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Com of VMware, who describes this "intrinsic security" approach
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
OCTOBER 28, 2020
Cloud Pak for Security Digital transformation is accelerating. This webinar will take a deep dive into IBM's Cloud Pak for Security where you will learn how to: Gain insights without moving your data; Respond faster to secuirty incidents with automation and investigative capabilities; Run anywhere, connect security openly Organisations are adopting SAAS solutions at increasing rates to reduce internal IT constraints and budgets.
Data Breach Today
NOVEMBER 9, 2020
Agency Requires Comprehensive Security Program As part of a settlement of allegations that Zoom "engaged in a series of deceptive and unfair practices that undermined the security of its users," the U.S.
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. You feel ready to take on rising security threats while continuously delivering quality software updates. But how do you monitor your new program? Are you truly able to gauge the state of your projects? To ensure the success of this new breed of a team, you need to know the metrics to look at and how to advocate these metrics to C-Suite and stakeholders. Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
Data Breach Today
NOVEMBER 10, 2020
election security measures seem to have worked. Cybersecurity Strategist Warns of Pre-Inauguration Nation-State Strikes The good news: U.S. The bad news: Disinformation and misinformation campaigns continue.
|
Data Breach Today
NOVEMBER 16, 2020
Its failure to properly secure chatbot software led to attackers stealing at least 9.4 Following Alerts of Potential Fraud, Ticketmaster Took 9 Weeks to Spot Big Breach Ticketmaster UK has been fined $1.7
Data Breach Today
JULY 22, 2020
Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.
Data Breach Today
JULY 3, 2020
ENISA's Rossella Mattioli Reviews New Report Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents
Data Breach Today
NOVEMBER 17, 2020
Peiter Zatko Will Help Social Media Firm That Faces Security Concerns Twitter has hired network security expert Peiter Zatko to serve in the newly created position of head of security following a series of high-profile cyber incidents.
Speaker: Shlomo Bielak, CTO, Benchmark Corp
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
|
Data Breach Today
AUGUST 6, 2020
Security Researcher, CISA Director Raise Serious Concerns A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election.
Data Breach Today
JULY 31, 2020
More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.
Schneier on Security
SEPTEMBER 18, 2020
Uncategorized humor passwords security questionsPosted three years ago, but definitely appropriate for the times.
Data Breach Today
OCTOBER 29, 2020
Spear-Phishing Campaign Aimed at Potential Attendees at 2 Upcoming Events A hacking group linked to Iran's government targeted over 100 security and policy experts who are potentially attending two upcoming security conferences with phishing emails designed to steal credentials and gather intelligence, according to Microsoft.
Speaker: Lisa Ripley: Director of eDiscovery & Information Governance, Legal Operations at Oracle & Scott McVeigh: Senior Solutions Consultant, Onna
Lisa holds the CISSP - Certified Information Systems Security Professional certification. Mergers & Acquisitions: How to Handle your Data Featuring Oracle. WEBINAR REGISTRATION. Join us live Tuesday, October 20th, 2020 11am PST | 1pm CST | 2pm EST. First Name. Last Name.
Data Breach Today
MARCH 27, 2020
Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft
Data Breach Today
AUGUST 6, 2020
Peter Yapp, former deputy director at the UK's National Cyber Security Center, provides insights on building a stronger security infrastructure
Data Breach Today
OCTOBER 9, 2020
A judge found that it infringed on four patents held by network security firm Centripetal Networks
Data Breach Today
MARCH 2, 2020
Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed. Dr. Anton Chuvakin of Chronicle explains how
Data Breach Today
NOVEMBER 16, 2020
With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet.
Data Breach Today
SEPTEMBER 22, 2020
Suspicious Activity Reports Reveal Tools and Techniques to Adversaries, Experts Warn What will be the impact of the leak of investigatory documents from FinCEN - the U.S. Treasury Department's Financial Crimes Enforcement Network?
Dark Reading
NOVEMBER 19, 2020
With so many people now connecting to business networks from home routers, ISP security takes on heightened importance. But is the security provided by ISPs good enough to be the only security SMBs and remote employees need
Data Breach Today
MARCH 27, 2019
NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security. NTT Security's Khiro Mishra and WhiteHat Security's Craig Hinkley say the deal will help bring more application security - and DevSecOps - products, services and smarts to more organizations
Krebs on Security
OCTOBER 28, 2020
In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware.
Data Breach Today
MAY 20, 2019
The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices
Data Breach Today
AUGUST 3, 2020
Walgreens and CVS Are Among the Chains Affected As more reports emerge regarding data breaches at pharmacy chains as a result of earlier break-ins and looting incidents during civil unrest, security experts are calling attention to important security issues, including the need to check physical security measures as well as encrypt mobile devices.
Schneier on Security
NOVEMBER 10, 2020
Over at Lawfare: “ 2020 Is An Election Security Success Story (So Far).” ” What’s more, the voting itself was remarkably smooth.
Threatpost
NOVEMBER 26, 2020
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
Schneier on Security
APRIL 10, 2020
A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework. cybersecurity opensource securityengineering
Data Breach Today
JUNE 26, 2020
This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity
Data Breach Today
MARCH 5, 2020
Now, how do you secure it? David Wagner of Zix on Rising to the Challenges of Cloud Remote workers, connected devices, cloud services and infrastructure - these are the elements of the new workplace. That's the challenge discussed by David Wagner, CEO of Zix
Dark Reading
NOVEMBER 11, 2020
Employees are often your first line of security defense when the bad guys come calling -- providing your workers are properly trained. Security leaders share how they're raising awareness
Troy Hunt
NOVEMBER 25, 2020
Now for the big challenge - security. The "s" in IoT is for Security Ok, so the joke is a stupid oldie, but a hard truth lies within it: there have been some shocking instances of security lapses in IoT devices. IoT Security
Security Affairs
NOVEMBER 15, 2020
Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 289 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived!
Schneier on Security
JANUARY 14, 2020
The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat. But keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. The 5G security problems are threefold. It's really too late to secure 5G networks.
Data Breach Today
MAY 24, 2019
First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense
Data Breach Today
MARCH 12, 2020
A cloud computing security model needs to be customized to fit how the cloud provider serves its clients, says privacy attorney Adam Greene
Data Breach Today
SEPTEMBER 5, 2019
Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos
Data Breach Today
OCTOBER 28, 2020
Security Experts Outline Their Concerns So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security
Let's personalize your content