What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Blog.png 2019-01-18 19:42:04 GUEST ESSAY: Why the hack of South Korea\'s weapons, munitions systems was so predictable (lien direct)

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, […]

Blog.png 2019-01-16 08:30:05 GUEST ESSAY: What your company should know about addressing Kubernetes security (lien direct)

Kubernetes is one of many key enabling technologies of digital transformation that has tended to remain obscure to non-technical company decision makers. Related podcast: Securing software containers Kubernetes is an administration console — an open source project from Google that makes containerized software applications easy to  deploy, scale, and manage. As beneficial as Kubernetes is […]

Blog.png 2019-01-14 08:43:00 Q&A: Here\'s why robust \'privileged access management\' has never been more vital (lien direct)

Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law However, lacking robust protection, privileged accounts, […]

Blog.png 2019-01-08 06:05:02 Q&A: Why emerging IoT platforms require the same leading-edge security as industrial controls (lien direct)

The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the […]

Blog.png 2019-01-07 22:04:02 Port Covington, MD re-emerges as \'CyberTown, USA\' - ground zero for cybersecurity research (lien direct)

When CyberTown, USA is fully built out, it\'s backers envision it emerging as the world\'s premier technology hub for cybersecurity and data science. DataTribe, a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project, which broke ground last October in Port Covington, MD, once a bustling train stop […]

Blog.png 2018-12-26 09:53:03 GUEST ESSAY: The case for engaging in \'threat hunting\' - and how to do it effectively (lien direct)

Modern cyber threats often are not obvious – in fact it is common for them to lurk inside a business\' systems for a long time without anyone noticing. This is referred to as \'dwell time\', and a recent report from the Ponemon Institute indicates that the average dwell time is 191 days. Related podcast: The […]

Blog.png 2018-12-20 08:51:01 GUEST ESSAY: Top cybersecurity developments that can be expected to fully play out in 2019 (lien direct)

From a certain perspective, 2018 hasn\'t been as dramatic a cybersecurity year as 2017, in that we haven\'t seen as many global pandemics like WannaCry. Related: WannaCry signals worse things to come. Still, Ransomware, zero-day exploits, and phishing attacks, were among the biggest threats facing IT security teams this year. 2018 has not been a […]

Blog.png 2018-12-17 08:34:00 GUEST ESSAY: The true cost of complacency, when it comes to protecting data, content (lien direct)

Facebook was lucky when the Information Commissioner\'s Office (ICO)-the UK\'s independent authority set up to uphold information rights in the public interest-hit the U.S. social media company with a £500,000 fine. Related: Zuckerberg’s mea culpa rings hollow This penalty was in connection with Facebook harvesting user data, over the course of seven years — between […]

Blog.png 2018-12-12 08:06:05 GUEST ESSAY: Why corporate culture plays such a pivotal role in deterring data breaches (lien direct)

Picture two castles. The first is impeccably built – state of the art, with impenetrable walls, a deep moat, and so many defenses that attacking it is akin to suicide. The second one isn\'t quite as well-made. The walls are reasonably strong, but there are clear structural weaknesses. And while it does have a moat, […]

Blog.png 2018-12-11 16:46:04 NetSecOPEN names founding members, appoints inaugural board of directors (lien direct)

SAN JOSE, Calif. – Dec. 11, 2018 – NetSecOPEN, the first industry organization focused on the creation of open, transparent network security performance testing standards, today announced that 11 prominent security vendors, test solutions and services vendors, and testing laboratories have joined the organization as founding members. Related podcast: The importance of sharing alliances The […]

Blog.png 2018-12-10 08:17:00 GUEST ESSAY: \'Tis the season - to take proactive measures to improve data governance (lien direct)

The holiday season is upon us and the bright lights and greenery aren\'t the only indicators that we\'ve reached December. Sadly, data breaches often occur at this time of year. Recently we\'ve seen major news stories about breaches at Starwood Hotels and Quora. Related podcast: The need to lock down unstructured data Last year, at […]

Blog.png 2018-12-06 08:22:02 GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community (lien direct)

The United States Intelligence Community, or IC, is a federation of 16 separate U.S. intelligence agencies, plus a 17th administrative office. The IC gathers, stores and processes large amounts of data, from a variety of sources,  in order to provide actionable information for key stakeholders. And, in doing so, the IC has developed an effective […]

Blog.png 2018-12-05 08:27:01 GUEST ESSAY: Atrium Health data breach highlights lingering third-party exposures (lien direct)

The healthcare industry has poured vast resources into cybersecurity since 2015, when a surge of major breaches began.  While the nature of these breaches has evolved over the last four years, the growth in total healthcare incidents has unfortunately continued unabated. Related: How to get of HIPAA hit list The recent disclosure from Atrium Health […]

Blog.png 2018-12-03 08:47:02 MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks (lien direct)

I have a Yahoo email account, I\'ve shopped at Home Depot and Target, my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management, I\'ve had insurance coverage from Premera Blue Cross and I\'ve stayed at the Marriott Marquis in […]

Blog.png 2018-11-30 09:11:02 MY TAKE: Why security innovations paving the way for driverless cars will make IoT much safer (lien direct)

Intelligent computing systems have been insinuating themselves into our homes and public gathering places for a while now. But smart homes, smart workplaces and smart shopping malls are just the warm-up act. Get ready for smart ground transportation. Related: Michigan’s Cyber Range hubs help narrow talent gap Driverless autos, trucks and military transport vehicles are […]

Blog.png 2018-11-28 08:55:03 MY TAKE: Michigan\'s Cyber Range hubs provide career paths to high-schoolers, underutilized adults (lien direct)

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what\'s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. As a guest of the Michigan Economic Development Corporation, I recently had the chance to tour […]

Blog.png 2018-11-27 09:05:05 GUEST ESSAY: 5 anti-phishing training tools that can reduce employees\' susceptibility to scams (lien direct)

The vast majority of cyber attacks against organizations pivot off the weakest security link: employees.  The good news is that companies today have ready access to a wide variety of tools that can simulate common types of attacks and boost employee awareness. Here\'s a guide to five such services. PhishMe This tool, from Cofense, proactively […]

Blog.png 2018-11-26 08:51:02 MY TAKE: Michigan\'s cybersecurity readiness initiatives provide roadmap others should follow (lien direct)

Michigan is known as the Wolverine State in deference to the ornery quadruped that roams its wild country. However, after a recent visit to Detroit, Ann Arbor and Grand Rapids as a guest of the Michigan Economic Development Corp., or MEDC, I\'m prepared to rechristen Michigan the Cybersecurity Best Practices State. Related:  California’s pioneering privacy […]

Blog.png 2018-11-21 08:58:05 GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow (lien direct)

Privacy regulations and legislation are topics that continue to be of concern for consumers and businesses alike.  News of data breaches, data vulnerabilities and compromised private information is released almost daily from businesses both small and large. Related: Europe’s GDPR ushers in new privacy era Legislation has recently been proposed for individual states, addressing data […]

Blog.png 2018-11-19 08:26:05 GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore (lien direct)

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. A  string of advances in biometric authentication systems has brought facial recognition systems, in particular, to the brink of wide commercial use. Related: Drivers behind facial recognition boom Adoption of facial recognition technology is fast […]

Blog.png 2018-11-15 16:48:01 New DigiCert poll shows companies taking monetary hits due to IoT-related security missteps (lien direct)

Even as enterprises across the globe hustle to get their Internet of Things business models up and running, there is a sense of  foreboding about a rising wave of IoT-related security exposures. And, in fact, IoT-related security incidents have already begun taking a toll at ill-prepared companies. Related: How to hire an IoT botnet — […]

Blog.png 2018-11-13 08:52:03 NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets (lien direct)

Cyber criminals are deploying the very latest in automated weaponry, namely botnets, to financially plunder corporate networks. The attackers have a vast, pliable attack surface to bombard: essentially all of the externally-facing web apps, mobile apps and API services that organizations are increasingly embracing, in order to stay in step with digital transformation. Related: The […]

Blog.png 2018-11-12 08:43:03 Q&A: How certifying in-house IT staffers as cyber analysts, pen testers can boost SMB security (lien direct)

A security-first mindset is beginning to seep into the ground floor of the IT departments of small and mid-sized companies across the land. Senior executives at these SMBs are finally acknowledging that a check-box approach to security isn\'t enough, and that instilling a security mindset pervasively throughout their IT departments has become the ground stakes. […]

Blog.png 2018-11-05 09:43:00 GUEST ESSAY: Did you know these 5 types of digital services are getting rich off your private data? (lien direct)

Now more than ever before, “big data” is a term that is widely used by businesses and consumers alike.  Consumers have begun to better understand how their data is being used, but many fail to realize the hidden privacy pitfalls in every day technology. Related: Europe tightens privacy rules From smart phones, to smart TVs, […]

Blog.png 2018-11-01 16:18:02 NEW TECH: How \'adaptive multi-factor authentication\' is gaining traction via partnerships (lien direct)

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary One recent validation comes from two long established, and much larger cybersecurity vendors – Check Point and Palo Alto Networks – that […]

Blog.png 2018-10-29 08:56:01 GUEST ESSAY: A guide to implementing best security practices - before the inevitable breach (lien direct)

The United States has experienced the most cybersecurity breaches in the world and the Equifax Breach was one of the first to be considered a “mega breach.” The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax\'s chief information security officer was a music major and did not have […]

Blog.png 2018-10-22 08:57:01 NEW TECH: Silverfort extends \'adapative multi-factor authentication\' via key partnerships (lien direct)

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings. Related: Why a ‘zero-trust’ approach to security is necessary One recent validation comes from two long established, and much larger cybersecurity vendors – Checkpoint and Palo Alto Networks – that have […]

Blog.png 2018-10-17 09:26:04 GUEST ESSAY: Pentagon\'s security flaws highlighted in GAO audit - and recent data breach (lien direct)

Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure And yet two recent disclosures highlight just how brittle the military\'s cyber defenses remain in critical areas. By extension these […]

Blog.png 2018-10-15 18:57:03 Guest Essay: Supply chain vulnerabilities play out in latest Pentagon personnel records breach (lien direct)

It is disheartening, but not at all surprising, that hackers continue to pull off successful breaches of well-defended U.S. government strategic systems. Related podcast: Cyber attacks on critical systems have only just begun On Friday, Oct. 12, the Pentagon disclosed that intruders breached Defense Department travel records and compromised the personal information and credit card […]

Blog.png 2018-10-08 16:13:05 MY TAKE: Cyber attacks on industrial controls, operational technology have only just begun (lien direct)

“May you live in interesting times.” The old Chinese proverb–some consider it a blessing and others a curse–certainly describes the modern-day cyber landscape. Related: 7 attacks that put us at the brink of cyber war In today\'s geopolitical terrain, nation-state backed cyber criminals are widening their targets and starting to zero in on their adversaries\' […]

Blog.png 2018-09-28 14:49:01 MY TAKE: The many ways social media is leveraged to spread malware, manipulate elections (lien direct)

Remember how we communicated and formed our world views before Facebook, Twitter, Instagram, Reddit, CNN and Fox News? We met for lunch, spoke on the phone and wrote letters. We got informed, factually, by trusted, honorable sources. Remember Walter Cronkite? Today we\'re bombarded by cable news and social media. And Uncle Walt has been replaced […]

Blog.png 2018-09-24 17:03:01 Q&A: Reddit breach shows use of \'SMS 2FA\' won\'t stop privileged access pillaging (lien direct)

The recent hack of social media giant Reddit underscores the reality that all too many organizations — even high-visibility ones that ought to know better —  are failing to adequately lock down their privileged accounts. Related: 6 best practices for cloud computing An excerpt from Reddit\'s mea culpa says it all:  “On June 19, we […]

Blog.png 2018-09-21 16:21:03 MY TAKE: Here\'s why we need \'SecOps\' to help secure \'Cloud Native\' companiess (lien direct)

For many start-ups, DevOps has proven to be a magical formula for increasing business velocity. Speed and agility is the name of the game — especially for Software as a Service (SaaS) companies. Related: How DevOps enabled the hacking of Uber DevOps is a process designed to foster intensive collaboration between software developers and the […]

Blog.png 2018-09-18 17:31:05 MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook \'unstructured data\' (lien direct)

All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.” One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s high time to protect unstructured […]

Blog.png 2018-09-17 18:44:03 Q&A: The troubling implications of normalizing encryption backdoors - for government use (lien direct)

Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? We know how Vladmir Putin, Xi Jinping and Kim Jung-un  would answer: “Of course!” Related: Nation-state hacks suggest cyber war is underway The disturbing thing is that in North America […]

Blog.png 2018-09-14 20:05:00 MY TAKE: Poorly protected local government networks cast shadow on midterm elections (lien direct)

In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. City agencies were unable to collect payment. Police departments had to handwrite reports. Years of data disappeared. Related: Political propaganda escalates in U.S. The attack also brought cybersecurity to the local level. It\'s easy to think […]

Blog.png 2018-09-13 14:58:01 MY TAKE: Here\'s how diversity can strengthen cybersecurity - at many levels (lien direct)

Of the many cybersecurity executives I\'ve interviewed, Keenan Skelly\'s career path may be the most distinctive. Skelly started out as a U.S. Army Explosive Ordnance Disposal (EOD) Technician. “I was on the EOD team that was actually assigned to the White House during 9/11, so I got to see our national response framework from a […]

Blog.png 2018-09-07 17:59:05 MY TAKE: Can Hollywood\'s highly effective \'source-code\' security tools help make IoT safe? (lien direct)

Over the past couple of decades, some amazing advances in locking down software code have quietly unfolded in, of all places, Hollywood. Related: HBO hack spurs cyber insurance market Makes sense, though. Digital media and entertainment giants like Netflix, Amazon, Hulu, HBO, ESPN, Sony, and Disney are obsessive about protecting their turf. These Tinsel Town […]

Blog.png 2018-09-06 10:24:04 NEW TECH: Critical Start applies \'zero-trust\' security model to managed security services (lien direct)

All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That\'s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware detection, firewalls upkeep, vulnerability management […]

Blog.png 2018-09-05 15:29:01 MY TAKE: The amazing ways hackers manipulate \'runtime\' to disguise deep network breaches (lien direct)

There is a concept in computing, called runtime, that is so essential and occurs so ubiquitously that it has long been taken for granted. Now cyber criminals have begun to leverage this heretofore innocuous component of computing to insinuate themselves deep inside of company networks. Related: The coming wave of ‘microcode’ attacks They\'ve figured out […]

Blog.png 2018-09-04 19:18:05 Q&A: How emulating attacks in a live environment can more pervasively protect complex networks (lien direct)

Most large enterprises today can point to multi-millions of dollars expended over the past two decades erecting “layered defenses” to protect their digital systems. Yet catastrophic network breaches continue apace. Turns out there\'s a downside to “defense in depth.” Related: Obsolecense creeps into legacy systems There\'s no doubt that monitoring and continually updating all parts […]

Blog.png 2018-09-02 14:50:02 NEW TECH: WhiteSource leverages automation to mitigate lurking open-source vulnerabilities (lien direct)

Just like the best sourdough bread derives from a “mother” yeast that gets divided, passed around, and used over and over, open-source software applications get fashioned from a  “mother” library of code created and passed around by developers. Related: Equifax hack highlights open source attack vectors In today\'s world, quick innovations are a necessity, and software […]

Blog.png 2018-08-30 15:50:02 GUEST ESSAY: A call for immediate, collective action to stem attacks on industrial control systems (lien direct)

As the Industrial Internet of Things continues to transform the global industrial manufacturing and critical infrastructure industries, the threat of aggressive, innovative and dangerous cyber-attacks has become increasingly concerning. Adopting modern technology has revealed a downside: its interconnectedness. The vast web of connectivity has expanded the number of potential entry points for hackers. Unfortunately, you […]

Blog.png 2018-08-29 16:45:00 MY TAKE: Can \'Network Traffic Analysis\' cure the security ills of digital transformation? (lien direct)

If digital transformation, or DX, is to reach its full potential, there must be a security breakthrough that goes beyond legacy defenses to address the myriad new ways threat actors can insinuate themselves into complex digital systems. Network traffic analytics, or NTA, just may be that pivotal step forward. NTA refers to using advanced data […]

Blog.png 2018-08-28 10:24:04 MY TAKE: As phishers take aim at elections, why not train employees to serve as phishing police? (lien direct)

If there is a data breach or some other cybersecurity incident, a phishing attack was probably involved. Over 90 percent of incidents begin with a phishing email. One of the more infamous hacks in recent years, the DNC data breach, was the result of a phishing attack. Related: Carpet bombing of phishing emails endures Phishing […]

Blog.png 2018-08-27 10:45:05 MY TAKE: Here\'s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack (lien direct)

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. Related video: How DDoS attacks leverage the Internet’s DNA To the contrary, DDoS attacks appear to be scaling up and getting more sophisticated in lock step with digital […]

Blog.png 2018-08-23 11:06:01 Trend Micro takes multi-pronged approach to narrowing the gaping cybersecurity skills gap (lien direct)

Remember the old adage, you can never be too thin or too rich? The software development world has its own take on that dictum-you can never be too fast. Related: Gamification training targets iGens Business demand dictates a frenetic pace for delivering new and better technology. To perfect the process, more organizations are taking a […]

Blog.png 2018-08-21 10:55:00 What companies need to know about \'SecOps\' - the path to making \'digital transformation\' secure (lien direct)

DevOps has been around for a while now, accelerating the creation of leading edge business applications by blending the development side with the operations side. It should come as no surprise that security is being formally added to DevOps, resulting in an emphasis on a process being referred to as SecOps or DevSecOps. Related: How […]

Blog.png 2018-08-20 09:05:01 GUEST ESSAY: 6 best practices that will help protect you company\'s digital assets in the cloud (lien direct)

More businesses than ever before are choosing to move their IT infrastructure and systems to cloud solutions such as Amazon Web Services and Microsoft Azure. There are many reasons to choose a cloud solution including increased flexibility and scalability, as well as reduced cost. In fact, a recent study of nearly 200 businesses and entrepreneurs […]

Blog.png 2018-08-17 08:43:00 MY TAKE: The back story on the convergence, continuing evolution of endpoint security (lien direct)

No one in cybersecurity refers to “antivirus” protection any more. The technology that corrals malicious software circulating through desktop PCs, laptops and mobile devices has evolved into a multi-layered security technology referred to as \'endpoint security.\' This designation change unfolded a few years back. It was a reflection of attackers moving to take full advantage […]

1 2 3 4 5

Information mise à jours le: 2019-01-19 06:03:28
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter