What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-06-04 15:12:05 | GUEST ESSAY: The story behind how DataTribe is helping to seed \'Cybersecurity Valley\' in Maryland (lien direct) | There's oil in the state of Maryland – “cyber oil.” With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” Related: Port Covington cyber hub project gets underway That's because Maryland is home to more than 40 government agencies […] | ★★★★ | ||
|
2019-05-28 08:26:05 | GUEST ESSAY: Only cloud-based security can truly protect cloud-delivered web applications (lien direct) | Web applications have become central for the existence and growth of any business. This is partly the result of Software as a Service, or SaaS, becoming a preferred mode of consumption for software services. Related: AppTrana free trial offer Most companies today own a web application and if that application is an integral part of […] | |||
|
2019-05-22 16:08:03 | GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value (lien direct) | Social media consumers are getting wise to the joke that when the product is free, they're the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants. Why? Because the social giants have convinced the chattering class that America simply can't do without them. Confront […] | Threat | ||
|
2019-05-20 19:26:00 | MY TAKE: Android users beware: Google says \'potentially harmful apps\' on the rise (lien direct) | Even if your company issues you a locked-down smartphone, embracing best security practices remains vital Our smartphones. Where would we be without them? Related Q&A: Diligence required of Android users If you're anything like me, making a phone call is the fifth or sixth reason to reach for your Android or iPhone. Whichever OS you […] | |||
|
2019-05-14 13:47:03 | BEST PRACTICES: The case for \'adaptive MFA\' in our perimeter-less digital environment (lien direct) | One of the catch phrases I overheard at RSA 2019 that jumped out at me was this: “The internet is the new corporate network.” Related: ‘Machine identities’ now readily available in the Dark Net Think about how far we've come since 1999, when the Y2K scare alarmed many, until today, with hybrid cloud networks the […] | |||
|
2019-05-10 19:30:04 | GUEST ESSAY: How stealth, persistence allowed Wipro attacker to plunder supply chain (lien direct) | The recent network breach of Wipro, a prominent outsourcing company based in India, serves as a stunning reminder that digital transformation cuts two ways. Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. However, the flip side is that […] | |||
|
2019-05-08 13:14:04 | Q&A: Here\'s why Android users must remain vigilant about malicious apps, more so than ever (lien direct) | Android users – and I'm one – are well-advised to be constantly vigilant about the types of cyberthreats directed, at any given time, at the world's most popular mobile device operating system. Related: Vanquishing BYOD risks Attacks won't relent anytime soon, and awareness will help you avoid becoming a victim. It's well worth it to […] | |||
|
2019-05-08 08:28:05 | NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices (lien direct) | No matter how reliant we ultimately become on cloud storage and streaming media, it's hard to image consumers ever fully abandoning removable storage devices. There's just something about putting your own two hands on a physical device, whether it's magnetic tape, or a floppy disk, or a CD. Today, it's more likely to be an […] | |||
|
2019-05-07 08:19:04 | NEW TECH: SlashNext dynamically inspects web page contents to detect latest phishing attacks (lien direct) | Humans are fallible. Cyber criminals get this. Human fallibility is the reason social engineering has proven to be so effective – and why phishing persists. Consider these metrics from messaging security firm Proofpoint: •Email-based corporate credential phishing attacks quadrupled in Q3 2018 vs. the previous quarter. •Web-based social engineering attacks jumped 233% vs. the previous […] | |||
|
2019-05-06 13:40:04 | Q&A: The drivers behind the stark rise - and security implications - of \'memory attacks\' (lien direct) | A distinctive class of hacking is rising to the fore and is being leveraged by threat actors to carry out deep, highly resilient intrusions of well-defended company networks. Related: Memory hacking becomes a go-to tactic These attacks are referred to in the security community as “fileless attacks” or “memory attacks.” The latter conveys a more […] | Threat | ||
|
2019-05-03 06:05:02 | GUEST ESSAY: Six risks tied to social media marketing that all businesses should heed (lien direct) | While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts. Related: Defusing weaponized documents While social media on every platform has benefits, there remains risks that must be addressed so as to keep your companies' […] | |||
|
2019-05-02 08:44:03 | MY TAKE: \'Cyberthreat index\' shows SMBs recognize cyber risks - struggling to deal with them (lien direct) | Small and midsize businesses - so-called SMBs - face an acute risk of sustaining a crippling cyberattack. This appears to be even more true today than it was when I began writing about business cyber risks at USA TODAY more than a decade ago. Related: ‘Malvertising’ threat explained However, one small positive step is that […] | Threat | ||
|
2019-05-01 09:11:04 | BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered (lien direct) | Defending a company network is a dynamic, multi-faceted challenge that continues to rise in complexity, year after year after year. Related: Why diversity in training is a good thing. Yet there is a single point of failure common to just about all network break-ins: humans. Social engineering, especially phishing, continues to trigger the vast majority […] | |||
|
2019-04-30 08:59:05 | MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks (lien direct) | If your company is participating in the global supply chain, either as a first-party purchaser of goods and services from other organizations, or as a third-party supplier, sooner or later you'll encounter the NIST Cybersecurity Framework. Related: How NIST protocols fit SMBs The essence of the NIST CSF is showing up in the privacy regulations […] | |||
|
2019-04-29 09:11:01 | NEW TECH: How Semperis came to close a huge gap in Active Directory disaster preparedness (lien direct) | In today's complex IT environments, a million things can go wrong, though only a few systems touch everything. Related: Why Active Directory is so heavily targeted For companies running Microsoft Windows, one such touch-all systems is Active Directory, or AD, the software that organizes and provides access to information across the breadth of Windows systems. […] | |||
|
2019-04-24 14:50:04 | MY TAKE: How digital technology and the rising gig economy are exacerbating third-party risks (lien direct) | Accounting for third-party risks is now mandated by regulations — with teeth. Related: Free ‘VRMM’ tool measures third-party exposure Just take a look at Europe's GDPR, NYDFS's cybersecurity requirements or even California's newly minted Consumer Privacy Act. What does this mean for company decision makers, going forward, especially as digital transformation and expansion of the […] | Tool | ||
|
2019-04-23 20:52:04 | NEW TECH: Alcide introduces a “microservices firewall” as a dynamic \'IaaS\' market takes shape (lien direct) | As a tech reporter at USA TODAY, I wrote stories about how Google fractured Microsoft's Office monopoly, and then how Google clawed ahead of Apple to dominate the global smartphone market. Related: A path to fruition of ‘SecOps’ And now for Act 3, Google has thrown down the gauntlet at Amazon, challenging the dominant position […] | |||
|
2019-04-22 18:12:02 | NEW TECH: Circadence deploys \'gamification\' training to shrink cybersecurity skills gap (lien direct) | It's clear that closing the cybersecurity skills gap has to happen in order to make our internet-centric world as private and secure as it ought to be. Related: The need for diversity in cybersecurity personnel One of the top innovators in the training space is Circadence®. The Boulder, CO-based company got its start in the […] | |||
|
2019-04-18 22:19:00 | MY TAKE: Most companies blissfully ignorant of rising attacks on most-used endpoint: mobile devices (lien direct) | A dozen years after Apple launched the first iPhone, igniting the smartphone market, the Bring Your Own Device to work phenomenon is alive and well. Related: Stopping mobile device exploits. The security issues posed by BYOD are as complex and difficult to address as ever. Meanwhile, the pressure for companies to proactively address mobile security […] | |||
|
2019-04-18 08:46:03 | NEW TECH: Brinqa takes a \'graph database\' approach to vulnerability management, app security (lien direct) | Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation. Related: Data breaches fuel fledgling cyber insurance market Enterprises, especially, tend to be methodical and plodding. Digital transformation is all about high-velocity innovation and on-the-fly change. The yawning gap between […] | Vulnerability | ||
|
2019-04-17 18:11:01 | Q&A: Researchers find evidence of emerging market for stolen, spoofed machine identities (lien direct) | It's edifying what you can find shopping in the nether reaches of the dark web. Related: Why government encryption backdoors should never be normalized. Academic researchers from Georgia State University in the U.S. and the University of Surrey in the U.K. recently teamed up and found evidence of an emerging market for stolen and spoofed […] | |||
|
2019-04-16 09:04:03 | Q&A: How AI, digital transformation are shaking up revenue management in high tech, life sciences (lien direct) | A recent poll of some 300 senior executives from U.S.-based life sciences and high-tech manufacturing companies sheds light on how digital transformation – and the rising role of third-party partners – have combined to create unprecedented operational challenges in the brave new world of digital commerce. Related: AI one-upsmanship prevails in antivirus field Model N's […] | |||
|
2019-04-12 15:46:03 | Q&A: How cutting out buzzwords could actually ease implementation of powerful security tools (lien direct) | The central dilemma posed by digital transformation is this: How do companies reap the benefits of high-velocity software development without creating onerous security exposures? Related: Golden Age of cyber spying dawns The best practices standards and protocols to pull off this delicate balancing act have been thoroughly vetted and are readily available. And there's certainly […] | |||
|
2019-04-11 18:56:05 | NEW TECH: Critical Start delivers managed security services with \'radical transparency\' (lien direct) | It was in 2012 that CRITICALSTART burst onto the Managed Security Service Provider (MSSP) scene with bold intentions. Related: How SMBs can leverage threat intelligence. The Plano, TX-based company sought to elevate the “MSSP” space high above the accepted standard at the time. It set out to do this by delivering security services based on […] | Threat | ||
|
2019-04-11 08:18:04 | NEW TECH: \'Network Traffic Analysis\' gets to ground truth about data moving inside the perimeter (lien direct) | Digital transformation is all about high-velocity innovation. But velocity cuts two ways. Related: Obsolescence creeps into perimeter defenses Yes, the rapid integration of digital technologies into all aspects of commerce has enabled wonderful new services. But it has also translated into an exponential expansion of the attack surface available to cyber criminals. This has led […] | |||
|
2019-04-10 16:27:04 | MY TAKE: Account hijackers follow small banks, credit unions over to mobile banking apps (lien direct) | As long as cyber attacks continue, financial institutions will remain a prime target, for obvious reasons. Related: OneSpan’s rebranding launch Outside of giants JP Morgan, Bank of America, Citigroup, Wells Fargo and U.S. Bancorp, the remainder of the more than 10,000 U.S. firms are comprised of community banks and regional credit unions. These smaller institutions, […] | |||
|
2019-04-08 08:59:03 | MY TAKE: What \'fake news\' really is: digital disinformation intended to disrupt, manipulate (lien direct) | President Trump's constant mislabeling of mainstream news reports he doesn't appreciate as “fake news” has done much to muddle the accurate definition of this profound global force – and obscure the societal damage this rising phenomenon is precipitating. Related: The scourge of ‘malvertising’ Fake news is the willful spreading of disinformation. Yes, much of political […] | |||
|
2019-04-05 15:42:04 | MY TAKE: How \'CASBs\' are evolving to close the security gaps arising from digital transformation (lien direct) | The Cloud Access Security Broker (CASB) space is maturing to keep pace with digital transformation. Related: CASBs needed now, more than ever Caz-bees first took shape as a cottage industry circa 2013 to 2014 in response to a cry for help from companies reeling from new Shadow IT exposures: the risk created by early-adopter employees, […] | |||
|
2019-04-04 00:15:02 | NEW TECH: CloudKnox takes aim at securing identity privileges for humans - and non-humans (lien direct) | Companies are embracing hybrid cloud deployments like never before, mixing and matching on-premises IT systems with off-premises cloud services. Related: Machine identities present wide open attack vector To accomplish this, they must grant and manage access privileges to human identities: remote employees, third-party suppliers and far-flung customers. Arguably even more vital is the granting of […] | |||
|
2019-04-03 16:19:00 | BEST PRACTICES: Rising complexities of provisioning identities has pushed \'IGA\' to the fore (lien direct) | Identity governance and administration, or IGA, has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation This is, in large part, because the complexity of business networks continues to escalate at a time when compliance mandates are intensifying. I had the chance at RSA 2019 to […] | |||
|
2019-03-29 08:11:02 | Q&A: How cybersecurity has become a primal battleground for AI one-upsmanship (lien direct) | A discussion of how – and why – adversaries are using artificial intelligence to juice up malicious activities When antivirus (AV) software first arrived in the late 1980s, the science of combating computer viruses was very straightforward. AV kept close track of known malicious files, and then quarantined or deleted any known malware that had […] | Malware | ||
|
2019-03-28 18:31:03 | MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G (lien direct) | A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts In March 2013, several impossibly massive waves of nuisance requests – peaking as high as 300 gigabytes per second-swamped Spamhaus, knocking the anti-spam organization […] | |||
|
2019-03-26 20:29:02 | NEW TECH: Cequence Security deploys defense against botnets\' assault on business logic (lien direct) | One way to grasp how digital transformation directly impacts the daily operations of any organization – right at this moment — is to examine the company's application environment. Related: How new exposures being created by API sprawl Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality […] | |||
|
2019-03-26 07:05:00 | Cloud computing 101: basic types and business advantages of cloud-delivered services (lien direct) | If you are looking for a simpler method of managing issues such as storage, software, servers and database, cloud computing could have the answers that your business needs. The cloud is becoming increasingly popular around the world, as organisations are starting to understand the organisational and cost benefits to using them. Related: Using a ‘zero-trust’ […] | |||
|
2019-03-25 17:42:04 | NEW TECH: Data Theorem helps inventory sprawling APIs - as the first step to securing them (lien direct) | Remember when software used to come on CDs packaged in shrinked-wrapped boxes, or even before that, on floppy disks? Related: Memory-based attacks on the rise If you bought a new printer and wanted it to work on your desktop PC, you'd have to install a software driver, stored on a floppy disk or CD, to […] | |||
|
2019-03-22 07:11:03 | BEST PRACTICES: How to protect yourself from the enduring scourge of malvertising (lien direct) | Malvertising is rearing its ugly head – yet again. Malicious online ads have surged and retreated in cycles since the earliest days of the Internet. Remember when infectious banner ads and viral toolbars cluttered early browsers? Related: Web application exposures redouble Historically, with each iteration of malicious ads, the online advertising industry, led by Google, […] | |||
|
2019-03-21 15:45:05 | Web application exposures continue to bedevil companies as digital transformation accelerates (lien direct) | As sure as the sun will rise in the morning, hackers will poke and prod at the web applications companies rely on – and find fresh weaknesses they can exploit. Related: Cyber spies feast on government shutdown Companies are scaling up their use of web apps as they strive to integrate digital technology into every […] | |||
|
2019-03-21 07:05:01 | GUEST ESSAY: Why there\'s no such thing as anonymity it this digital age (lien direct) | Unless you decide to go Henry David Thoreau and shun civilization altogether, you can't — and won't — stop generating data, which sooner or later can be traced back to you. Related: The Facebook factor A few weeks back I interviewed a white hat hacker. After the interview, I told him that his examples gave […] | |||
|
2019-03-20 08:31:02 | MY TAKE: Get ready to future-proof cybersecurity; the race is on to deliver \'post-quantum crypto\' (lien direct) | Y2Q. Years-to-quantum. We're 10 to 15 years from the arrival of quantum computers capable of solving complex problems far beyond the capacity of classical computers to solve. PQC. Post-quantum-cryptography. Right now, the race is on to revamp classical encryption in preparation for the coming of quantum computers. Our smart homes, smart workplaces and smart transportation […] | |||
|
2019-03-19 12:00:05 | NEW TECH: Exabeam retools SIEMs; applies credit card fraud detection tactics to network logs (lien direct) | Security information and event management, or SIEM, could yet turn out to be the cornerstone technology for securing enterprise networks as digital transformation unfolds. Related: How NSA cyber weapon could be used for a $200 billion ransomware caper Exabeam is a bold upstart in the SIEM space. The path this San Mateo, CA-based vendor is […] | Ransomware | ||
|
2019-03-19 07:05:04 | BEST PRACTICES: 6 physical security measures every company needs (lien direct) | It has never been more important to invest in proper security for your business. Laws surrounding the personal data of individuals such as the General Data Protection Regulation (GDPR) put the onus on companies to ensure that both digital and physical copies of data are secure at all times. Related: Shrinking to human attack vector […] | |||
|
2019-03-18 09:19:00 | NEW TECH: SyncDog vanquishes BYOD risk by isolating company assets on a secure mobile app (lien direct) | The conundrum companies face with the Bring Your Own Device phenomenon really has not changed much since iPhones and Androids first captured our hearts, minds and souls a decade ago. Related: Malvertising threat lurks in all browsers People demand the latest, greatest mobile devices, both to be productive and to stay connected to their personal […] | Threat | ||
|
2019-03-15 13:02:02 | MY TAKE: Microsoft\'s Active Directory lurks as a hackers\' gateway in enterprise networks (lien direct) | Many of our online activities and behaviors rely on trust. From the consumer side, for example, we trust that the business is legitimate and will take care of the sensitive personal information we share with them. But that level of trust goes much deeper on the organizational side. Related: The case for ‘zero-trust’ authentication Employees […] | |||
|
2019-03-14 08:51:05 | NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments (lien direct) | When Target fired both its CEO and CIO in 2014, it was a wake-up call for senior management. The firings came as a result of a massive data breach which routed through an HVAC contractor's compromised account. C-suite execs across the land suddenly realized something similar could happen to them. So they began inundating their […] | Data Breach | ||
|
2019-03-13 14:36:04 | NEW TECH: Votiro takes \'white-listing\' approach to defusing weaponized documents (lien direct) | It's hard to believe this month marks the 20th anniversary of the release of the devastating Melissa email virus which spread around the globe in March 1999. Related: The ‘Golden Age’ of cyber espionage is upon us Melissa was hidden in a weaponized Word document that arrived as an email attachment. When the recipient clicked […] | |||
|
2019-03-13 12:19:04 | MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things (lien direct) | There are certain things we as consumers have come to do intuitively: brushing our teeth in the morning; looking both ways before crossing a city street; buckling up when we get into a car. Related: What needs to happen to enable driverless transportation — safely In the not too distant future, each one of us […] | |||
|
2019-03-12 16:30:04 | MY TAKE: What the Ethiopian 737 Max 8 crash should tell us about the safety of \'smart\' jetliners (lien direct) | When news broke about the crash of a Ethiopian Airlines Boeing 737, the first question that popped into my head was whether an older 737 model, still using the flawed rudder actuator, might have been involved. Related: Historical context of the rudder flaws on older model 737s Of course it was actually the newest iteration […] | |||
|
2019-03-04 08:11:02 | MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions (lien direct) | A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you'll invariably find memory hacking at the core. In fact, memory attacks have quietly […] | |||
|
2019-03-01 22:17:03 | Q&A: Why SOAR startup Syncurity is bringing a \'case-management\' approach to threat detection (lien direct) | There's a frantic scramble going on among those responsible for network security at organizations across all sectors. Related: Why we’re in the Golden Age of cyber espionage Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can […] | Threat | ||
|
2019-02-27 08:25:05 | MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone (lien direct) | Google, Facebook and Amazon have gotten filthy rich doing one thing extremely well: fixating on every move each one of us makes when we use our Internet-connected computing devices. Related: Protecting web gateways The tech titans have swelled into multi-billion dollar behemoths by myopically focusing on delivering targeted online advertising, in support of online retailing. […] |
To see everything:
Our RSS (filtrered)
