What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-20 10:08:12 | ROUNDTABLE: What\'s next, now that we know V.I.P Twitter users can so easily be spoofed? (lien direct) | Judging from the criminals' meager pay day, the high-profile hack of Twitter, disclosed last week, was nothing much.Related: Study shows disinformation runs rampant on Twitter The hackers insinuated their way deep into Twitter's internal system. They were able … (more…) | Hack | ||
|
2020-06-22 14:23:41 | MY TAKE: Remote classes, mobile computing heighten need for a security culture in K-12 schools (lien direct) | Parents have long held a special duty to protect their school-aged children from bad actors on the Internet.Related: Mock attacks help schools defend themselvesNow COVID-19 has dramatically and permanently expanded that parental responsibility, as well as extended it … (more…) | |||
|
2020-06-21 13:32:15 | SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks (lien direct) | Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Numerous strains of this destructive code have been the front-page news in global computer security chronicles for almost a decade now, with jaw-dropping ups and dramatic … (more…) | Ransomware Threat | ||
|
2020-06-17 10:00:53 | NEW TECH: Cequence Security\'s new \'API Sentinel\' helps identify, mitigate API exposures (lien direct) | Application Programming Interfaces – APIs. Without them digital transformation would never have gotten off the ground.Related: Defending botnet-driven business logic hacksAPIs made possible the astounding cloud, mobile and IoT services we have today. This happened, at a … (more…) | |||
|
2020-06-01 10:38:12 | Q&A: NIST\'s new \'Enterprise Risk Management\' guidelines push cyber risks to board level (lien direct) | Enterprise risk management (ERM) is a comparatively new corporate discipline. The basic notion is that in today's complex operating environment, it is important for businesses to proactively identify operational hazards and have a plan in place to account for them.… (more…) | |||
|
2020-05-29 15:05:17 | MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app (lien direct) | If the devastating health and economic ramifications weren't enough, individual privacy is also in the throes of being profoundly and permanently disrupted by the coronavirus pandemic. The tech giants are partnering on a tool for public good, but critics worry … (more…) | Tool | ||
|
2020-05-26 14:09:20 | NEW TECH: Silverfort helps companies carry out smarter human and machine authentications (lien direct) | Doing authentication well is vital for any company in the throes of digital transformation.Digital commerce would fly apart if businesses could not reliably affirm the identities of all humans and all machines, that is, computing instances, that are constantly … (more…) | |||
|
2020-05-21 17:04:30 | GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting (lien direct) | When it was first introduced, device fingerprinting – or online fingerprinting in general – was meant to create a safer, more responsible internet. The idea was that by fingerprinting devices used to connect to the internet we could achieve better … (more…) | |||
|
2020-05-13 11:27:43 | MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks (lien direct) | Chief Information Security Officers were already on the hot seat well before the COVID-19 global pandemic hit, and they are even more so today.Related: Why U.S. cybersecurity policy needs to match societal valuesCISOs must preserve and protect their … (more…) | Guideline | ||
|
2020-05-11 12:36:47 | MY TAKE: COVID-19\'s silver lining could turn out to be more rapid, wide adoption of cyber hygiene (lien direct) | Long before COVID-19, some notable behind-the-scenes forces were in motion to elevate cybersecurity to a much higher level.Related: How the Middle East has advanced mobile security regulationsOver the past couple of decades, meaningful initiatives to improve online privacy … (more…) | |||
|
2020-04-30 10:42:19 | BEST PRACTICES: How testing for known memory vulnerabilities can strengthen DevSecOps (lien direct) | DevOps wrought Uber and Netflix. In the very near future DevOps will help make driverless vehicles commonplace.Related: What’s driving ‘memory attacks’Yet a funny thing has happened as DevOps – the philosophy of designing, prototyping, testing and delivering new … (more…) | Uber | ||
|
2020-04-29 11:46:34 | NEW TECH: CASBs continue evolving to help CISOs address multiplying \'cloud-mobile\' risks (lien direct) | It can be argued that we live in a cloud-mobile business environment.Related: The ‘shared responsibility’ burdenMost organizations are all caught up, to one degree or another, in migrating to hybrid cloud networks. And startups today typically launch with … (more…) | |||
|
2020-04-28 10:50:11 | MY TAKE: Why COVID-19 \'digital distancing\' is every bit as vital as \'social distancing\' (lien direct) | As coronavirus-themed cyber attacks ramp up, consumers and companies must practice digital distancing to keep themselves protected.Related: Coronavirus scams leverage emailAs we get deeper into dealing with the coronavirus outbreak, the need for authorities and experts to communicate … (more…) | ★★ | ||
|
2020-04-27 08:56:28 | SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers (lien direct) | It's difficult to convey the scope and scale of cyber attacks that take place on a daily basis, much less connect the dots between them.Related: The Golden Age of cyber spyingA new book by Dr. Chase Cunningham — … (more…) | |||
|
2020-04-22 18:57:21 | NEW TECH: Why it makes more sense for \'PAM\' tools to manage \'Activities,\' instead of \'Access\' (lien direct) | Privileged Access Management (PAM) arose some 15 years ago as an approach to restricting access to sensitive systems inside of a corporate network.Related: Active Directory holds ‘keys to the kingdom’The basic idea was to make sure … (more…) | |||
|
2020-04-16 16:21:11 | NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory (lien direct) | Ransomware continues to endure as a highly lucrative criminal enterprise.Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That's the precise figure recently disclosed by the FBI — the true damage … (more…) | ★★★★ | ||
|
2020-04-14 17:09:58 | SHARED INTEL: Study shows mismanagement of \'machine identities\' triggers $52 billion in losses (lien direct) | In one sense, digital transformation is all about machines.Related: Authenticating IoT devicesPhysical machines, like driverless vehicles and smart buildings; but, even more so, virtual machines. I'm referring to the snippets of “microservice” coding placed inside of … (more…) | |||
|
2020-04-13 11:11:56 | STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules (lien direct) | We've come to rely on our smartphones to live out our digital lives, both professionally and personally.When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while … (more…) | |||
|
2020-04-09 16:50:18 | MY TAKE: \'Network Detection and Response\' emerges as an Internet of Things security stopgap (lien direct) | There's no stopping the Internet of Things now.Related: The promise, pitfalls of IoTCompanies have commenced the dispersal of IoT systems far and wide. Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will … (more…) | |||
|
2020-04-07 18:55:58 | SHARED INTEL: How attacks on web, mobile apps are being fueled by rising API vulnerabilities (lien direct) | Application programming interface. API. It's the glue holding digital transformation together.Related: A primer on ‘credential stuffing’APIs are the conduits for moving data to-and-fro in our digitally transformed world. APIs are literally everywhere in the digital landscape, and more … (more…) | ★★ | ||
|
2020-04-06 11:06:15 | BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams (lien direct) | Cyber criminals who specialize in plundering local governments and school districts are in their heyday.Related: How ransomware became a scourgeRansomware attacks and email fraud have spiked to record levels across the U.S. in each of the past … (more…) | Ransomware | ||
|
2020-04-01 21:04:24 | BEST PRACTICES: Why pursuing sound \'data governance\' can be a cybersecurity multiplier (lien direct) | Deploying the latest, greatest detection technology to deter stealthy network intruders will take companies only so far.Related: What we’ve learned from the massive breach of Capitol OneAt RSA 2020, I learned about how one of the routine … (more…) | |||
|
2020-03-31 15:35:09 | NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps (lien direct) | DevOps is now table stakes for any company hoping to stay competitive. Speed and agility is the name of the game. And everyone's all-in.Related: A firewall for microservicesDevSecOps arose to insert security checks and balances into DevOps, aiming … (more…) | |||
|
2020-03-30 14:51:14 | NEW TECH: \'Micro-segmentation\' security vendor Guardicore seeks to disrupt firewall market (lien direct) | Agile software innovation is the order of the day. Wonderous digital services are the result.Related: Micro-segmentation taken to the personal device levelThe flip side, of course, is that an already wide-open attack surface – one that has been … (more…) | |||
|
2020-03-26 14:54:41 | Q&A: Accedian\'s Michael Rezek on using \'Network Traffic Analysis\' to defend hybrid networks (lien direct) | Defending business networks isn't getting any easier. Companies can have the latest, greatest perimeter defenses, intrusion detection systems and endpoint protections – and attackers will still get through. Just ask Equifax or Capital One.Related: Why cybersecurity should reflect … (more…) | Equifax | ||
|
2020-03-25 17:09:53 | (Déjà vu) MY TAKE: Deploying \'machine learning\' at router level helps companies prepare for rise of 5G (lien direct) | Machine learning (ML) and digital transformation (DX) go hand in glove.We've mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated.Related: Defending networks with no perimeter… (more…) | |||
|
2020-03-24 15:08:52 | (Déjà vu) NEW TECH: QuoLab advances \'Security Operations Platform\' - SOP - technology (lien direct) | Defending enterprise networks has become a convoluted challenge, one that is only getting more byzantine by the day.I've written about the how SIEMs ingest log and event data from all across hybrid networks, and about how UEBA and SOAR… (more…) | |||
|
2020-03-23 15:45:38 | MY TAKE: Juniper Networks directs \'ML\' pattern recognition towards security tasks - at router level (lien direct) | Machine learning (ML) and digital transformation (DX) go hand in glove.We've mastered how to feed data into pattern-recognition algorithms. And as we accelerate the digitalization of everything, even more data is being generated.Related: Defending networks with no perimeter… (more…) | |||
|
2020-03-23 11:13:13 | NEW TECH: Start-up QuoLab enters emerging \'Security Operations Platform\' - SOP - space (lien direct) | Defending enterprise networks has become a convoluted challenge, one that is only getting more byzantine by the day.I've written about the how SIEMs ingest log and event data from all across hybrid networks, and about how UEBA and SOAR… (more…) | |||
|
2020-03-19 16:28:32 | NEW TECH: WhiteHat Security tackles \'dangling buckets,\' other new web app exposures (lien direct) | WhiteHat Security got its start some 17 years ago in Silicon Valley to help companies defend their public-facing websites from SQL injection and cross-site scripting hacks.Related: Mobile apps are full of vulnerabilitesBoth hacking methods remain a problem today. … (more…) | |||
|
2020-03-18 11:24:41 | SHARED INTEL: FireMon survey shows security lags behind fast pace of hybrid cloud deployments (lien direct) | Corporate America's love affair with cloud computing has hit a feverish pitch. Yet ignorance persists when it comes to a momentous challenge at hand: how to go about tapping the benefits of digital transformation while also keeping cyber exposures … (more…) | |||
|
2020-03-17 15:04:21 | NEW TECH: Can MPC - Multi Party Computation - disrupt encryption, boost cloud commerce? (lien direct) | Encryption is a cornerstone of digital commerce. But it has also proven to be a profound constraint on the full blossoming of cloud computing and the Internet of Things.Related: A ‘homomorphic-like’ encryption solutionWe know very well how to … (more…) | |||
|
2020-03-16 11:51:35 | NEW TECH: Byos pushes \'micro segmentation\' approach to cybersecurity down to device level (lien direct) | Many companies take an old-school approach to bringing up the rear guard, if you will, when it comes to protecting IT assets.It's called network segmentation. The idea is to divide the network up into segments, called subnetworks, to both … (more…) | ★★★★ | ||
|
2020-03-12 11:24:00 | SHARED INTEL: Bogus Coronavirus email alerts underscore risk posed by weaponized email (lien direct) | It comes as no surprise that top cyber crime rings immediately pounced on the Coronavirus outbreak to spread a potent strain of malware via malicious email and web links.Related: Credential stuffing fuels cyber fraudIBM X-Force researchers shared details… (more…) | Malware | ||
|
2020-03-11 12:41:28 | MY TAKE: Why speedy innovation requires much improved cyber hygiene, cloud security (lien direct) | Speed is what digital transformation is all about. Organizations are increasingly outsourcing IT workloads to cloud service providers and looking to leverage IoT systems.Related: The API attack vector expandsSpeed translates into innovation agility. But it also results in … (more…) | |||
|
2020-03-10 11:58:49 | NEW TECH: Devolution\'s \'PAM\' solution helps SMBs deal with rising authentication risks (lien direct) | The cybersecurity needs of small- and mid-sized businesses (SMBs) differ from those of large enterprises, but few solutions cater to them. A 2018 Cisco Cybersecurity Special Report found that 54 % of all cyber attacks cost the target company more … (more…) | |||
|
2020-03-09 11:39:15 | NEW TECH: Exabeam positions SIEM technology to help protect IoT, OT systems (lien direct) | Security information and event management systems — SIEMs — have been around since 2005, but their time may have come at last.Related: Digital Transformation gives SIEMs a second windAfter an initial failure to live up to their overhyped … (more…) | |||
|
2020-03-06 21:41:22 | SHARED INTEL: Here\'s why CEOs who\'ve quit Tweeting are very smart to do so (lien direct) | It's reached the point where some CEOs have even begun adjusting their personal online habits to help protect themselves, and by extension, the organizations they lead. Corporate consultancy PwC's recent poll of 1,600 CEOs worldwide found that cyber attacks are … (more…) | Guideline | ||
|
2020-03-05 21:38:26 | MY TAKE: Former NSA director says cybersecurity solutions need to reflect societal values (lien direct) | Is America's working definition of “national security” too narrow for the digital age?Yes, observes retired Admiral Michael Rogers, who served as a top White House cybersecurity advisor under both Presidents Obama and Trump. Related: The golden age of … (more…) | |||
|
2020-03-04 11:34:26 | MY TAKE: Why IoT systems won\'t be secure until each and every microservice is reliably authenticated (lien direct) | Wider use of Internet of Things systems that can make daily living safer, healthier and more convenient is on the immediate horizon. However, to fully capture the benefits of an IoT-centric economy, a cauldron of privacy and security concerns must … (more…) | |||
|
2020-03-02 11:16:34 | NEW TECH: Juicing up SOAR - SIRP inserts risk-based analysis into network defense playbooks (lien direct) | Security information and event management (SIEM) is evolving and integrating with security orchestration, automation, and response (SOAR) to add real value in the cybersecurity space.Related: How SOAR Is Helping to Address the Cybersecurity Skills GapSIEM is useful … (more…) | |||
|
2020-02-24 11:48:44 | BOOK REVIEW: \'Security Yearbook\' preserves cybersecurity history - highlights tectonic shift (lien direct) | Along with Richard Stiennon, I belong to a small circle of journalists and tech industry analysts who've been paying close attention to cybersecurity since Bill Gates curtailed commercial work on Windows to rivet Microsoft's attention on defending its software code. Related: The role of PKI is securing digital transformation That was in 2002. Back then, […] | |||
|
2020-02-21 11:46:26 | MY TAKE: PKI, digital certificates now ready to take on the task of securing digital transformation (lien direct) | Just five years ago, the Public Key Infrastructure, or PKI, was seriously fraying at the edges and appeared to be tilting toward obsolescence. Things have since taken a turn for the better. Related: Why PKI is well-suited to secure the Internet of Things PKI is the authentication and encryption framework on which the Internet is […] | |||
|
2020-02-18 20:12:48 | MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption (lien direct) | It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol. Related: Why Google’s HTTPS push is a good thing At the time, just 50 % of Internet traffic […] | ★★★★ | ||
|
2020-02-17 10:05:48 | NEW TECH: CyCognito employs offensive bot network to put companies a step a head of attackers (lien direct) | When it comes to defending their networks, most companies have had it drilled into them, by now, that it's essential to erect layered defenses. Related:Promise vs. pitfalls of IoT For small- and mid-sized businesses, firewalls, antivirus suites and access management systems represent the entry stakes for participating in today's digital economy. Security-mature SMBs go the […] | ★★ | ||
|
2020-02-03 09:20:59 | MY TAKE: Iran\'s cyber retaliation for Soleimani assassination continues to ramp up (lien direct) | Less than 48 hours after the killing of Iran's General Qasem Soleimani, the U.S. Department of Homeland Security issued a bulletin calling out Iran's “robust cyber program,” and cautioning everyone to be prepared for Iran to “conduct operations in the United States.” Related: Cyber warfare enters Golden Age In fact, strategic cyber operations essentially pitting […] | |||
|
2020-01-29 23:14:47 | GUEST ESSAY: Strategic tactics are key to a robust Cloud Security Posture Management regime (lien direct) | A cyber strategy is a documented approach to handling various aspects of cyberspace. It is mostly developed to address the cybersecurity needs of an entity by focusing on how data, networks, technical systems, and people are protected. An effective cyber strategy is normally on par with the cybersecurity risk exposure of an entity. It covers […] | |||
|
2020-01-20 08:57:50 | GUEST ESSAY: Cyber insurance 101 - for any business operating in today\'s digital environment (lien direct) | Cyberattacks are becoming more prevalent, and their effects are becoming more disastrous. To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically […] | |||
|
2020-01-03 20:35:30 | MY TAKE: Why we should all now focus on restoring stability to US-Iran relations (lien direct) | As tensions escalate between the U.S. and Iran it's vital not to lose sight of how we arrived at this point. Related: We're in the golden age of cyber spying Mainstream news outlets are hyper focused on the events of the past six days. A Dec. 27 rocket attack on a military base in northern […] | |||
|
2019-12-31 17:35:21 | GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don\'t overlook physical security (lien direct) | Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. This includes protection from natural disasters, theft, vandalism, and terrorism. Related: Good to know about IoT Physical security is often a second thought when it comes […] |
To see everything:
Our RSS (filtrered)
