What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-02-15 07:23:17 | SHARED INTEL: The expect impacts of Pres. Biden\'s imminent National Cybersecurity Strategy (lien direct) | The United States will soon get some long-awaited cybersecurity updates. Related: Spies use Tik Tok, balloons That's because the Biden administration will issue the National Cyber Strategy within days. Despite lacking an official published document, some industry professionals have already … (more…) | ★★ | ||
|
2023-02-07 11:48:31 | GUEST ESSAY: Advanced tools are ready to help SMBs defend Microsoft 365, Google Workspace (lien direct) | Throughout 2022, we saw hackers become far more sophisticated with their email-based cyber attacks. Using legitimate services and compromised corporate email addresses became a norm and is likely to continue in 2023 and beyond. Related: Deploying human sensors Additionally, with … (more…) | ★★ | ||
|
2023-02-06 16:49:30 | GUEST ESSAY: The common thread between China\'s spy balloons and Congress banning Tik Tok (lien direct) | The decision by the House of Representatives to ban TikTok from federal devices is noteworthy, especially as the Chinese spy balloon crisis unfolds. Related: The Golden Age of cyber espionage On December 23, 2022, Congress, in a bipartisan spending bill, … (more…) | ★★ | ||
|
2022-12-08 11:22:33 | GUEST ESSAY: Here\'s how and why \'trust\' presents an existential threat to cybersecurity (lien direct) | Over the years, bad actors have started getting more creative with their methods of attack – from pretending to be a family member or co-worker to offering fortunes and free cruises. Related: Deploying employees as human sensors Recent research from … (more…) | Threat | ★★ | |
|
2022-11-21 07:01:43 | GUEST ESSAY - Security practices companies must embrace to stop AI-infused cyber attacks (lien direct) | Consider what might transpire if malicious hackers began to intensively leverage Artificial Intelligence (AI) to discover and exploit software vulnerabilities systematically? Related: Bio digital twin can eradicate heart failure Cyber-attacks would become much more dangerous and much harder to detect. … (more…) | |||
|
2022-08-29 16:27:31 | GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers (lien direct) | Web application attacks directed at organizations’ web and mail servers continue to take the lead in cybersecurity incidents. Related: Damage caused by ‘business logic’ hacking This is according to Verizon’s latest 2022 Data Breach Investigations Report (DBIR). In … (more…) | Data Breach Guideline | ||
|
2022-08-23 19:02:50 | GUEST ESSAY: A breakdown of the cyber risks intrinsic to ubiquitous social media apps (lien direct) | More than half of the world-58.4 percent or 4.62 billion people-use social media. Related: Deploying human sensors to stop phishing. And while that’s incredible for staying connected with friends, organizing rallies, and sharing important messages, it’s also the reason … (more…) | |||
|
2022-08-17 07:18:02 | Black Hat Fireside Chat: MSSPs are well-positioned to help companies achieve cyber resiliency (lien direct) | Network security is in dire straits. Security teams must defend an expanding attack surface, skilled IT professionals are scarce and threat actors are having a field day. Related: The role of attack surface management That said, Managed Security Services Providers … (more…) | Threat | ||
|
2022-08-15 17:33:24 | Black Hat insights: Getting bombarded by multiple ransomware attacks has become commonplace (lien direct) | The top ransomware gangs have become so relentless that it's not unusual for two or more of them to attack the same company within a few days – or even a few hours. Related: How ‘IABs’ foster ransomware And if … (more…) | Ransomware | ||
|
2022-07-27 07:11:00 | FIRESIDE CHAT: \'Attack surface management\' has become the centerpiece of cybersecurity (lien direct) | Post Covid 19, attack surface management has become the focal point of defending company networks. Related: The importance of ‘SaaS posture management’ As digital transformation continues to intensify, organizations are relying more and more on hosted cloud processing power and … (more…) | |||
|
2022-07-14 16:39:00 | GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant - \'DeepSea phishing\' (lien direct) | Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. Related: Deploying human sensors Phishing comes with a simple premise – … (more…) | |||
|
2022-07-05 07:00:03 | GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever (lien direct) | Gathering intelligence has always been a key tool for organisational decision making – understanding the external operating environment is the '101' for business. How can you grasp the challenges and opportunities for your company without a deep understanding of all … (more…) | Tool | ||
|
2022-06-28 10:21:34 | Fireside chat: The inevitable replacement of VPNs by \'ZTNA\' - zero trust network access (lien direct) | Virtual Private Networks – VPNs – remain widely used in enterprise settings. Don’t expect them to disappear anytime soon. This is so, despite the fact that the fundamental design of a VPN runs diametrically opposed to zero trust security principles.… (more…) | |||
|
2022-06-27 11:54:56 | GUEST ESSAY: The many benefits of infusing application security during software \'runtime\' (lien direct) | Vulnerabilities in web applications are the leading cause of high-profile breaches. Related: Log4J's big lesson Log4j, a widely publicized zero day vulnerability, was first identified in late 2021, yet security teams are still racing to patch and protect their enterprise … (more…) | Guideline | ||
|
2022-06-23 10:25:32 | GUEST ESSAY: New SEC rules aim to help C-levels, board members quantify cyber risks (lien direct) | The U.S. Securities and Exchange Commission (SEC) is taking steps to crack down on insufficient cyber risk reporting. Related: Making third-party risk audits actionable Seeking to minimize cybersecurity threat effects, the SEC has proposed several amendments requiring organizations to … (more…) | Threat | ||
|
2022-06-22 10:48:33 | Q&A: The lesser role VPNs now play for enterprises, SMBs - in a post-pandemic world (lien direct) | During the first two decades of this century, virtual private networks -VPNs-served as a cornerstone of network security. Related: Deploying human sensors VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow … (more…) | |||
|
2022-06-21 14:31:04 | Fireside chat: New \'SASE\' weapon chokes off ransomware before attack spreads laterally (lien direct) | It's stunning that the ransomware plague persists. Related: ‘SASE’ blends connectivity and security Verizon's Data Breach Incident Report shows a 13 percent spike in 2021, a jump greater than the past years combined; Sophos' State of Ransomware survey shows victims … (more…) | Ransomware Data Breach | ||
|
2022-06-20 19:35:40 | GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web (lien direct) | The Deep & Dark Web is a mystery to most in the mainstream today: many have heard about it, but few understand just a fraction of what's going on there. Related: 'IABs' spread ransomware Planning your roadmap, executing your projects, … (more…) | Threat | ||
|
2022-06-20 11:58:52 | RSAC insights: How IABs - initial access brokers - help sustain, accelerate the ransomware plague (lien direct) | Specialization continues to advance apace in the cybercriminal ecosystem. Related: How cybercriminals leverage digital transformation Initial access brokers, or IABs, are the latest specialists on the scene. IABs flashed to prominence on the heels of gaping vulnerabilities getting discovered … (more…) | Ransomware | ||
|
2022-06-16 12:03:40 | GUEST ESSAY: Five steps to improving identity management - and reinforcing network security (lien direct) | The identity management market has grown to $13 billion and counting. While intuition would tell you enterprises have identity under control, that is far from reality. Related: Taking a zero-trust approach to access management Current events, such as the … (more…) | |||
|
2022-06-13 10:10:39 | SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 - why there\'s more to come (lien direct) | At the start of this year, analysts identified a number of trends driving the growth of cybersecurity. Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. Related: Taking API proliferation seriously Last year saw an unprecedented … (more…) | |||
|
2022-06-09 10:39:45 | GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly (lien direct) | What is it about the elderly that makes them such attractive targets for cybercriminals? A variety of factors play a role. Related: The coming of bio-digital twins Unlike many younger users online, they may have accumulated savings over their lives … (more…) | Threat | ||
|
2022-06-07 20:01:34 | GUEST ESSAY – The role of automation in keeping software from malicious, unintended usage (lien direct) | Writing a code can be compared to writing a letter. Related: Political apps promote division When we write a letter, we write it in the language we speak - and the one that the recipient understands. When writing a code, … (more…) | |||
|
2022-06-06 13:45:45 | RSAC insights: \'CAASM\' tools and practices get into the nitty gritty of closing network security gaps (lien direct) | Reducing the attack surface of a company's network should, by now, be a top priority for all organizations. Related: Why security teams ought to embrace complexity As RSA Conference 2022 gets underway today in San Francisco, advanced systems to help … (more…) | Tool | ||
|
2022-06-06 11:15:39 | RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks (lien direct) | Pity the poor CISO at any enterprise you care to name. Related: The rise of 'XDR' As their organizations migrate deeper into an intensively interconnected digital ecosystem, CISOs must deal with cyber attacks raining down on all fronts. Many are … (more…) | |||
|
2022-06-03 13:03:24 | RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares (lien direct) | The zero trust approach to enterprise security is well on its way to mainstream adoption. This is a very good thing. Related: Covid 19 ruses used in email attacks At RSA Conference 2022, which takes place next week in … (more…) | Malware | ||
|
2022-06-03 10:30:04 | RSAC insights: Software tampering escalates as bad actors take advantage of \'dependency confusion\' (lien direct) | It's not difficult to visualize how companies interconnecting to cloud resources at a breakneck pace contribute to the outward expansion of their networks' attack surface. Related: Why ‘SBOM’ is gaining traction If that wasn't bad enough, the attack surface companies … (more…) | |||
|
2022-06-02 12:50:37 | RSAC insights: How \'TPRM\' can help shrink security skills gap - while protecting supply chains (lien direct) | Third-Party Risk Management (TPRM) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments Big banks and insurance companies instilled the practice of requesting their third-party … (more…) | |||
|
2022-06-02 10:12:52 | RSAC insights: \'SaaS security posture management\' - SSPM - has emerged as a networking must-have (lien direct) | Companies have come to depend on Software as a Service – SaaS — like never before. Related: Managed security services catch on From Office 365 to Zoom to Salesforce.com, cloud-hosted software applications have come to make up the nerve center … (more…) | |||
|
2022-06-01 11:35:12 | RSAC insights: Concentric AI directs Google\'s search techniques towards locking down data sprawl (lien direct) | In order to extract value from the Internet, data sprawl first must get reined in. This has always been the case. Related: Equipping SOCs for the long haul What good is connecting applications, servers and networks across the public cloud … (more…) | |||
|
2022-05-31 10:54:34 | RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach (lien direct) | Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security. Related: Log4J’s long-run risks That's changing — dramatically. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of … (more…) | Tool Vulnerability | ||
|
2022-05-30 11:20:02 | GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles (lien direct) | It's no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors Meanwhile, 200,000 well-trained and technically skilled … (more…) | Threat | ||
|
2022-05-26 11:51:38 | GUEST ESSAY: Why organizations need to prepare for cyber attacks fueled by quantum computers (lien direct) | In today’s times, we are more aware of cyberattacks as these have become front-page news. We most recently witnessed this as Russia invaded Ukraine. Cyberattacks were used as the first salvo before any bullet or missile was fired. Related: The … (more…) | |||
|
2022-05-25 12:19:35 | GUEST ESSAY: Deploying \'XDR\' can help companies avoid the security \'vendor-silo\' trap (lien direct) | According to recent data from Oracle and KPMG, organizations today employ over 100 cybersecurity products to secure their environments. These products play essential roles in detecting and preventing threats. Related: Taking a 'risk-base' approach to security compliance However, because they … (more…) | |||
|
2022-05-24 11:17:21 | MY TAKE: Businesses gravitate to \'passwordless\' authentication - widespread consumer use up next (lien direct) | Google, Microsoft and Apple are bitter arch-rivals who don't often see eye-to-eye. Related: Microsoft advocates regulation of facial recognition tools Yet, the tech titans recently agreed to adopt a common set of standards supporting passwordless access to websites and apps.… (more…) | |||
|
2022-05-23 11:44:36 | MY TAKE: \'Digital trust\' has a huge role to play mitigating cybersecurity threats, going forward (lien direct) | Modern digital systems simply could not exist without trusted operations, processes and connections. They require integrity, authentication, trusted identity and encryption. Related: Leveraging PKI to advance electronic signatures It used to be that trusting the connection between a workstation and … (more…) | |||
|
2022-05-20 11:36:09 | GUEST ESSAY: Here\'s why managed security services - MSS and MSSP - are catching on (lien direct) | The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service … (more…) | Guideline | ||
|
2022-05-19 07:56:44 | GUEST ESSAY: A primer on content management systems (CMS) - and how to secure them (lien direct) | You very likely will interact with a content management system (CMS) multiple times today. Related: How ‘business logic’ hackers steal from companies For instance, the The Last Watchdog article you are reading uses a CMS to store posts, display them … (more…) | |||
|
2022-05-18 11:47:33 | MY TAKE: How \'CAASM\' can help security teams embrace complexity – instead of trying to tame it (lien direct) | The shift to software-defined everything and reliance on IT infrastructure scattered across the Internet has boosted corporate productivity rather spectacularly. Related: Stopping attack surface expansion And yet, the modern attack surface continues to expand exponentially, largely unchecked. This dichotomy cannot … (more…) | |||
|
2022-05-17 11:50:12 | NEW TECH SNAPHOT: Can \'CAASM\' help slow, perhaps reverse, attack surface expansion? (lien direct) | Defending companies as they transition to cloud-first infrastructures has become a very big problem – but it's certainly not an unsolvable one. Coming Wed., May 18: How security teams can help drive business growth — by embracing complexity. The good … (more…) | |||
|
2022-05-16 13:30:23 | GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack (lien direct) | It's a scenario executives know too well. Related: Third-party audits can hold valuable intel You and your cybersecurity team do everything correctly to safeguard your infrastructure, yet the frightening alert still arrives that you've suffered a data breach. It's a … (more…) | |||
|
2022-05-12 12:40:26 | GUEST ESSAY: Rising global tensions put us a few lines of code away from a significant cyber event (lien direct) | Reflecting on the threats and targets that we are most concerned with given the Russia-Ukraine war, cybersecurity is now the front line of our country's wellbeing. Cyber threats endanger businesses and individuals - they can affect supply chains, cause power … (more…) | ★★★ | ||
|
2022-05-09 12:02:09 | GUEST ESSAY: Best practices checklists each individual computer user still needs to follow (lien direct) | In the days of non-stop attacks on personal and work devices, the common day consumer wouldn't know where to begin in order to protect their devices. Related: Apple’s privacy stance questioned The rise of attacks is unavoidable and with the … (more…) | ★★ | ||
|
2022-05-05 11:28:04 | GUEST ESSAY: Leveraging \'zero trust\' and \'remote access\' strategies to mitigate ransomware risks (lien direct) | Ransomware? I think you may have heard of it, isn't the news full of it? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. Related: Make it costly for cybercriminals The … (more…) | Ransomware | ||
|
2022-05-02 12:01:42 | GUEST ESSAY: A primer on Biden\'s moves to protect U.S. water facilities from cyber attacks (lien direct) | Potable water and wastewater management is a top priority for cybersecurity professionals and the Biden administration alike. With new regulations and funding, companies must find the best way to implement and manage cybersecurity to protect these systems. Related: Keeping critical … (more…) | |||
|
2022-04-28 12:03:27 | GUEST ESSAY: Why automating distribution of strong passwords to employees is wise to do (lien direct) | Passwords have become ubiquitous with digital. Yet most people don't know how to use them properly. The humble password is nothing more than a digital key that opens a door.
Related: The coming of passwordless access
 People use keys to … (more…) |
|||
|
2022-04-26 19:33:26 | GUEST ESSAY: A call to blur the lines between cybersecurity training, up-skilling and higher ed (lien direct) | In a recent survey of US-based CEOs, talent shortages and cybersecurity were listed as two of the top five business concerns in 2022. Related: Cultivating ‘human sensors’ They may not entirely realize that when compounded, these two concerns could pose … (more…) | |||
|
2022-04-21 12:15:43 | GUEST ESSAY: The wisdom of taking a risk-based approach to security compliance (lien direct) | Today, all organizations are required or encouraged to meet certain standards and regulations to protect their data against cybersecurity threats. The regulations vary across countries and industries, but they are designed to protect customers from the threat of posed data … (more…) | Threat | ||
|
2022-04-19 12:12:42 | SHARED INTEL: How Russia\'s war mongering compromises those holding security clearances (lien direct) | While global commerce is an important aspect of the world economy, individuals who hold national security clearances need to be aware that some of the activities they engage in could pose a security risk and may negatively impact their security … (more…) | |||
|
2022-04-14 11:33:03 | BEST PRACTICES: Blunting \'BEC\' capers that continue to target, devastate SMBs and enterprises (lien direct) | It's no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. Related: Deploying human sensors But surely, we can feel confident in email communications and … (more…) |
To see everything:
Our RSS (filtrered)
