What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Blog.png 2019-03-22 07:11:03 BEST PRACTICES: How to protect yourself from the enduring scourge of malvertising (lien direct)

Malvertising is rearing its ugly head – yet again. Malicious online ads have surged and retreated in cycles since the earliest days of the Internet. Remember when infectious banner ads and viral toolbars cluttered early browsers? Related: Web application exposures redouble Historically, with each iteration of malicious ads, the online advertising industry, led by Google, […]

Blog.png 2019-03-21 15:45:05 Web application exposures continue to bedevil companies as digital transformation accelerates (lien direct)

As sure as the sun will rise in the morning, hackers will poke and prod at the web applications companies rely on – and find fresh weaknesses they can exploit. Related: Cyber spies feast on government shutdown Companies are scaling up their use of web apps as they strive to integrate digital technology into every […]

Blog.png 2019-03-21 07:05:01 GUEST ESSAY: Why there\'s no such thing as anonymity it this digital age (lien direct)

Unless you decide to go Henry David Thoreau and shun civilization altogether, you can\'t — and won\'t — stop generating data, which sooner or later can be traced back to you. Related: The Facebook factor A few weeks back I interviewed a white hat hacker. After the interview, I told him that his examples gave […]

Blog.png 2019-03-20 08:31:02 MY TAKE: Get ready to future-proof cybersecurity; the race is on to deliver \'post-quantum crypto\' (lien direct)

Y2Q. Years-to-quantum. We\'re 10 to 15 years from the arrival of quantum computers capable of solving complex problems far beyond the capacity of classical computers to solve. PQC. Post-quantum-cryptography. Right now, the race is on to revamp classical encryption in preparation for the coming of quantum computers. Our smart homes, smart workplaces and smart transportation […]

Blog.png 2019-03-19 12:00:05 NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs (lien direct)

Security information and event management, or SIEM, could yet turn out to be the cornerstone technology for securing enterprise networks as digital transformation unfolds. Related: How NSA cyber weapon could be used for a $200 billion ransomware caper Exabeam is a bold upstart in the SIEM space. The path this San Mateo, CA-based vendor is […]

Blog.png 2019-03-19 07:05:04 BEST PRACTICES: 6 physical security measures every company needs (lien direct)

It has never been more important to invest in proper security for your business. Laws surrounding the personal data of individuals such as the General Data Protection Regulation (GDPR) put the onus on companies to ensure that both digital and physical copies of data are secure at all times. Related: Shrinking to human attack vector […]

Blog.png 2019-03-18 09:19:00 NEW TECH: SyncDog vanquishes BYOD risk by isolating company assets on a secure mobile app (lien direct)

The conundrum companies face with the Bring Your Own Device phenomenon really has not changed much since iPhones and Androids first captured our hearts, minds and souls a decade ago. Related: Malvertising threat lurks in all browsers People demand the latest, greatest mobile devices, both to be productive and to stay connected to their personal […]

Blog.png 2019-03-15 13:02:02 MY TAKE: Microsoft\'s Active Directory lurks as a hackers\' gateway in enterprise networks (lien direct)

Many of our online activities and behaviors rely on trust. From the consumer side, for example, we trust that the business is legitimate and will take care of the sensitive personal information we share with them. But that level of trust goes much deeper on the organizational side. Related: The case for ‘zero-trust’ authentication Employees […]

Blog.png 2019-03-14 08:51:05 NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments (lien direct)

When Target fired both its CEO and CIO in 2014, it was a wake-up call for senior management. The firings came as a result of a massive data breach which routed through an HVAC contractor\'s compromised account. C-suite execs across the land suddenly realized something similar could happen to them. So they began inundating their […]

Blog.png 2019-03-13 14:36:04 NEW TECH: Votiro takes \'white-listing\' approach to defusing weaponized documents (lien direct)

It\'s hard to believe this month marks the 20th anniversary of the release of the devastating Melissa email virus which spread around the globe in March 1999. Related: The ‘Golden Age’ of cyber espionage is upon us Melissa was hidden in a weaponized Word document that arrived as an email attachment. When the recipient clicked […]

Blog.png 2019-03-13 12:19:04 MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things (lien direct)

There are certain things we as consumers have come to do intuitively: brushing our teeth in the morning; looking both ways before crossing a city street; buckling up when we get into a car. Related: What needs to happen to enable driverless transportation — safely In the not too distant future, each one of us […]

Blog.png 2019-03-12 16:30:04 MY TAKE: What the Ethiopian 737 Max 8 crash should tell us about the safety of \'smart\' jetliners (lien direct)

When news broke about the crash of a Ethiopian Airlines Boeing 737, the first question that popped into my head was whether an older 737 model, still using the flawed rudder actuator, might have been involved. Related: Historical context of the rudder flaws on older model 737s Of course it was actually the newest iteration […]

Blog.png 2019-03-04 08:11:02 MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions (lien direct)

A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you\'ll invariably find memory hacking at the core. In fact, memory attacks have quietly […]

Blog.png 2019-03-01 22:17:03 Q&A: Why SOAR startup Syncurity is bringing a \'case-management\' approach to threat detection (lien direct)

There\'s a frantic scramble going on among those responsible for network security at organizations across all sectors. Related: Why we’re in the Golden Age of cyber espionage Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware  suites, intrusion detection, data loss prevention and sandbox detonators money can […]

Blog.png 2019-02-27 08:25:05 MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone (lien direct)

Google, Facebook and Amazon have gotten filthy rich doing one thing extremely well: fixating on every move each one of us makes when we use our Internet-connected computing devices. Related: Protecting web gateways The tech titans have swelled into multi-billion dollar behemoths by myopically focusing on delivering targeted online advertising, in support of online retailing. […]

Blog.png 2019-02-26 08:34:00 GUEST ESSAY: Repelling social engineering attacks requires shoring up the weakest link: humans (lien direct)

The problem with social engineering attacks is that they capitalize on the weakest link on any computer or network system: You! Avoiding social engineering attacks requires you to understand what they are and how they work. Related: Why diversity needs to be part of security training Social engineering takes advantage of human psychology to attack […]

Blog.png 2019-02-25 08:25:01 MY TAKE: Identity \'access\' and \'governance\' tech converge to meet data protection challenges (lien direct)

As companies make more extensive use of evermore capable – and complex — digital systems, what has remained constant is the innumerable paths left wide open for threat actors to waltz through. Related: Applying ‘zero trust’ to managed security services. So why hasn\'t the corporate sector been more effective at locking down access for users? […]

Blog.png 2019-02-20 16:42:05 MY TAKE: Here\'s why the Internet Society\'s new Privacy Code of Conduct deserves wide adoption (lien direct)

It\'s time to encourage businesses to adopt the New Privacy Code of Conduct to protect users When Facebook founder Mark Zuckerberg infamously declared that privacy “is no longer a social norm” in 2010, he was merely parroting a corporate imperative that Google had long since established. That same year, then-Google CEO Eric Schmidt publicly admitted […]

Blog.png 2019-02-15 12:52:05 MY TAKE: What it takes to beat cybercrime in the age of DX and IoT: personal responsibility (lien direct)

Back in 2004, when I co-wrote this USA TODAY cover story about spam-spreading botnets, I recall advising my editor to expect cybersecurity to be a headline-grabbing topic for a year or two more, tops. Related:  A primer on machine-identity exposures I was wrong. Each year over the past decade-and-a-half, a cause-and-effect pattern has spread more […]

Blog.png 2019-02-12 09:05:00 MY TAKE: Can Project Furnace solve DX dilemma by combining serverless computing and GitOps? (lien direct)

Assuring the privacy and security of sensitive data, and then actually monetizing that data, — ethically and efficiently — has turned out to be the defining challenge of digital transformation. Today a very interesting effort to address this complex dilemma is arising from the ferment, out of the UK. It\'s called Project Furnace, an all-new […]

Blog.png 2019-02-12 00:03:01 GUEST ESSAY: Australia\'s move compelling VPNs to cooperate with law enforcement is all wrong (lien direct)

The moment we\'ve all feared has finally come to pass. When government agencies and international intelligence groups pooled together resources to gather user data, the VPN\'s encryption seemed like the light at the end of the tunnel. Related: California enacts pioneering privacy law However, it looks like things are starting to break apart now that […]

Blog.png 2019-02-06 13:29:04 MY TAKE: Why Satya Nadella is wise to align with privacy advocates on regulating facial recognition (lien direct)

We\'re just a month and change into the new year, and already there have been two notable developments underscoring the fact that some big privacy and civil liberties questions need to be addressed before continuing the wide-scale deployment of advanced facial recognition systems. This week civil liberties groups in Europe won the right to challenge […]

Blog.png 2019-02-01 09:04:04 MY TAKE: Why companies should care about 2.2 billion stolen credentials circulating in easy reach (lien direct)

Some chilling hard evidence has surfaced illustrating where stolen personal information ultimately ends up, once it has flowed through the nether reaches of the cyber underground. Wired magazine reported this week on findings by independent security researchers who have been tracking the wide open availability of a massive cache of some 2.2 billion stolen usernames, […]

Blog.png 2019-01-31 09:30:02 MY TAKE: \'Bashe\' attack theorizes a $200 billion ransomware raid using NSA-class cyber weapons (lien direct)

A report co-sponsored by Lloyd\'s of London paints a chilling scenario for how a worldwide cyberattack could trigger economic losses of some $200 billion for companies and government agencies ill-equipped to deflect a very plausible ransomware attack designed to sweep across the globe. Related: U.S. cyber foes exploit government shutdown The Cyber Risk Management (CyRiM) […]

Blog.png 2019-01-30 09:35:00 NEW TECH: This free tool can help gauge, manage third-party cyber risk; it\'s called \'VRMMM\' (lien direct)

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor. Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after  their […]

Blog.png 2019-01-28 09:09:04 MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace (lien direct)

Would you back out of a driveway without first buckling up, checking the rear view mirror and glancing behind to double check that the way is clear? Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. Yet it\'s my […]

Blog.png 2019-01-24 01:57:04 MY TAKE: US cyber adversaries take cue from shutdown to accelerate malware deployment (lien direct)

One profound consequence of Donald Trump\'s shutdown of the federal government, now in day 33, is what a boon it is to US cyber adversaries. And moving forward, the long run ramifications are likely to be dire, indeed. Related: Welcome to the ‘golden age’ of cyber espionage With skeleton IT crews manning government networks, America\'s […]

Blog.png 2019-01-22 19:10:01 GUEST POST: Six tangible ways \'SOAR\' can help narrow the cybersecurity skills gap (lien direct)

The cybersecurity talent shortage is here to stay. With an estimated 1.5-2 million unfulfilled cybersecurity positions, organizations are coming to terms with the fact that no amount of creative hiring initiatives will rid them of the need of figuring out how to protect their organizations despite being short staffed. Related: Addressing the cyber skills gap […]

Blog.png 2019-01-18 19:42:04 GUEST ESSAY: Why the hack of South Korea\'s weapons, munitions systems was so predictable (lien direct)

The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, […]

Blog.png 2019-01-16 08:30:05 GUEST ESSAY: What your company should know about addressing Kubernetes security (lien direct)

Kubernetes is one of many key enabling technologies of digital transformation that has tended to remain obscure to non-technical company decision makers. Related podcast: Securing software containers Kubernetes is an administration console — an open source project from Google that makes containerized software applications easy to  deploy, scale, and manage. As beneficial as Kubernetes is […]

Blog.png 2019-01-14 08:43:00 Q&A: Here\'s why robust \'privileged access management\' has never been more vital (lien direct)

Malicious intruders have long recognized that getting their hands on privileged credentials equates to possessing the keys to the kingdom. This is because privileged accounts are widely deployed all across modern business networks — on-premises, in the cloud, across DevOps environments and on endpoints. Related: California enacts pioneering privacy law However, lacking robust protection, privileged accounts, […]

Blog.png 2019-01-08 06:05:02 Q&A: Why emerging IoT platforms require the same leading-edge security as industrial controls (lien direct)

The heyday of traditional corporate IT networks has come and gone. In 2019, and moving ahead, look for legacy IT business networks to increasingly intersect with a new class of networks dedicated to controlling the operations of a IoT-enabled services of all types, including smart buildings, IoT-enabled healthcare services and driverless cars. Related: Why the […]

Blog.png 2019-01-07 22:04:02 Port Covington, MD re-emerges as \'CyberTown, USA\' - ground zero for cybersecurity research (lien direct)

When CyberTown, USA is fully built out, it\'s backers envision it emerging as the world\'s premier technology hub for cybersecurity and data science. DataTribe, a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project, which broke ground last October in Port Covington, MD, once a bustling train stop […]

Blog.png 2018-12-26 09:53:03 GUEST ESSAY: The case for engaging in \'threat hunting\' - and how to do it effectively (lien direct)

Modern cyber threats often are not obvious – in fact it is common for them to lurk inside a business\' systems for a long time without anyone noticing. This is referred to as \'dwell time\', and a recent report from the Ponemon Institute indicates that the average dwell time is 191 days. Related podcast: The […]

Blog.png 2018-12-20 08:51:01 GUEST ESSAY: Top cybersecurity developments that can be expected to fully play out in 2019 (lien direct)

From a certain perspective, 2018 hasn\'t been as dramatic a cybersecurity year as 2017, in that we haven\'t seen as many global pandemics like WannaCry. Related: WannaCry signals worse things to come. Still, Ransomware, zero-day exploits, and phishing attacks, were among the biggest threats facing IT security teams this year. 2018 has not been a […]

Blog.png 2018-12-17 08:34:00 GUEST ESSAY: The true cost of complacency, when it comes to protecting data, content (lien direct)

Facebook was lucky when the Information Commissioner\'s Office (ICO)-the UK\'s independent authority set up to uphold information rights in the public interest-hit the U.S. social media company with a £500,000 fine. Related: Zuckerberg’s mea culpa rings hollow This penalty was in connection with Facebook harvesting user data, over the course of seven years — between […]

Blog.png 2018-12-12 08:06:05 GUEST ESSAY: Why corporate culture plays such a pivotal role in deterring data breaches (lien direct)

Picture two castles. The first is impeccably built – state of the art, with impenetrable walls, a deep moat, and so many defenses that attacking it is akin to suicide. The second one isn\'t quite as well-made. The walls are reasonably strong, but there are clear structural weaknesses. And while it does have a moat, […]

Blog.png 2018-12-11 16:46:04 NetSecOPEN names founding members, appoints inaugural board of directors (lien direct)

SAN JOSE, Calif. – Dec. 11, 2018 – NetSecOPEN, the first industry organization focused on the creation of open, transparent network security performance testing standards, today announced that 11 prominent security vendors, test solutions and services vendors, and testing laboratories have joined the organization as founding members. Related podcast: The importance of sharing alliances The […]

Blog.png 2018-12-10 08:17:00 GUEST ESSAY: \'Tis the season - to take proactive measures to improve data governance (lien direct)

The holiday season is upon us and the bright lights and greenery aren\'t the only indicators that we\'ve reached December. Sadly, data breaches often occur at this time of year. Recently we\'ve seen major news stories about breaches at Starwood Hotels and Quora. Related podcast: The need to lock down unstructured data Last year, at […]

Blog.png 2018-12-06 08:22:02 GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community (lien direct)

The United States Intelligence Community, or IC, is a federation of 16 separate U.S. intelligence agencies, plus a 17th administrative office. The IC gathers, stores and processes large amounts of data, from a variety of sources,  in order to provide actionable information for key stakeholders. And, in doing so, the IC has developed an effective […]

Blog.png 2018-12-05 08:27:01 GUEST ESSAY: Atrium Health data breach highlights lingering third-party exposures (lien direct)

The healthcare industry has poured vast resources into cybersecurity since 2015, when a surge of major breaches began.  While the nature of these breaches has evolved over the last four years, the growth in total healthcare incidents has unfortunately continued unabated. Related: How to get of HIPAA hit list The recent disclosure from Atrium Health […]

Blog.png 2018-12-03 08:47:02 MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks (lien direct)

I have a Yahoo email account, I\'ve shopped at Home Depot and Target, my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management, I\'ve had insurance coverage from Premera Blue Cross and I\'ve stayed at the Marriott Marquis in […]

Blog.png 2018-11-30 09:11:02 MY TAKE: Why security innovations paving the way for driverless cars will make IoT much safer (lien direct)

Intelligent computing systems have been insinuating themselves into our homes and public gathering places for a while now. But smart homes, smart workplaces and smart shopping malls are just the warm-up act. Get ready for smart ground transportation. Related: Michigan’s Cyber Range hubs help narrow talent gap Driverless autos, trucks and military transport vehicles are […]

Blog.png 2018-11-28 08:55:03 MY TAKE: Michigan\'s Cyber Range hubs provide career paths to high-schoolers, underutilized adults (lien direct)

Michigan is cultivating a collection of amazing cybersecurity training facilities, called Cyber Range hubs, that are shining models for what\'s possible when inspired program leaders are given access to leading-edge resources, wisely supplied by public agencies and private foundations. As a guest of the Michigan Economic Development Corporation, I recently had the chance to tour […]

Blog.png 2018-11-27 09:05:05 GUEST ESSAY: 5 anti-phishing training tools that can reduce employees\' susceptibility to scams (lien direct)

The vast majority of cyber attacks against organizations pivot off the weakest security link: employees.  The good news is that companies today have ready access to a wide variety of tools that can simulate common types of attacks and boost employee awareness. Here\'s a guide to five such services. PhishMe This tool, from Cofense, proactively […]

Blog.png 2018-11-26 08:51:02 MY TAKE: Michigan\'s cybersecurity readiness initiatives provide roadmap others should follow (lien direct)

Michigan is known as the Wolverine State in deference to the ornery quadruped that roams its wild country. However, after a recent visit to Detroit, Ann Arbor and Grand Rapids as a guest of the Michigan Economic Development Corp., or MEDC, I\'m prepared to rechristen Michigan the Cybersecurity Best Practices State. Related:  California’s pioneering privacy […]

Blog.png 2018-11-21 08:58:05 GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow (lien direct)

Privacy regulations and legislation are topics that continue to be of concern for consumers and businesses alike.  News of data breaches, data vulnerabilities and compromised private information is released almost daily from businesses both small and large. Related: Europe’s GDPR ushers in new privacy era Legislation has recently been proposed for individual states, addressing data […]

Blog.png 2018-11-19 08:26:05 GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore (lien direct)

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. A  string of advances in biometric authentication systems has brought facial recognition systems, in particular, to the brink of wide commercial use. Related: Drivers behind facial recognition boom Adoption of facial recognition technology is fast […]

Blog.png 2018-11-15 16:48:01 New DigiCert poll shows companies taking monetary hits due to IoT-related security missteps (lien direct)

Even as enterprises across the globe hustle to get their Internet of Things business models up and running, there is a sense of  foreboding about a rising wave of IoT-related security exposures. And, in fact, IoT-related security incidents have already begun taking a toll at ill-prepared companies. Related: How to hire an IoT botnet — […]

Blog.png 2018-11-13 08:52:03 NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets (lien direct)

Cyber criminals are deploying the very latest in automated weaponry, namely botnets, to financially plunder corporate networks. The attackers have a vast, pliable attack surface to bombard: essentially all of the externally-facing web apps, mobile apps and API services that organizations are increasingly embracing, in order to stay in step with digital transformation. Related: The […]

1 2 3 4 5

Information mise à jours le: 2019-03-23 12:01:42
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter