Black Hat insights: WAFs are getting much more dynamic making them well-suited to protect SMBs

A cornucopia of cybersecurity solutions went on public display today as Black Hat USA 2021 convened once more as a live event in Las Vegas.
Related: Kaseya hack raises more supply chain worries
For small- and mid-sized businesses (SMBs) cutting … (more… Continue reading Black Hat insights: WAFs are getting much more dynamic making them well-suited to protect SMBs

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipme… Continue reading SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

Encrypted flash drives, essentially secure storage on a stick, are a proven technology that has been readily available for at least 15 years. A few years back, it seemed like they would fade into obsolescence, swept aside by the wave of streaming servi… Continue reading BEST PRACTICES: Resurgence of encrypted thumb drives shows value of offline backups — in the field

NEW TECH: Silverfort deploys ‘multi-factor authentication’ to lock down ‘machine identities’

From the start, two-factor authentication, or 2FA, established itself as a simple, effective way to verify identities with more certainty. Related: A primer on IoT security risks The big hitch with 2FA, and what it evolved into – multi-factor aut… Continue reading NEW TECH: Silverfort deploys ‘multi-factor authentication’ to lock down ‘machine identities’

SHARED INTEL: APIs hook up new web and mobile apps — and break attack vectors wide open

If your daily screen time is split between a laptop browser and a smartphone, you may have noticed that a few browser web pages are beginning to match the slickness of their mobile apps. Related: The case for a microservices firewall Netflix and Airbnb… Continue reading SHARED INTEL: APIs hook up new web and mobile apps — and break attack vectors wide open

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

Digital commerce has come to revolve around two types of identities: human and machine. Great effort has gone into protecting the former, and yet human identities continue to get widely abused by cyber criminals. By comparison, scant effort has gone in… Continue reading SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. Compromised logins continue to facilitate cyber … Continue reading NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

SHARED INTEL: How NTA/NDR systems get to ‘ground truth’ of cyber attacks, unauthorized traffic

The digital footprints of U.S. consumers’ have long been up for grabs. No one stops the tech giants, media conglomerates and online advertisers from intensively monetizing consumers’ online behaviors, largely without meaningful disclosure. … Continue reading SHARED INTEL: How NTA/NDR systems get to ‘ground truth’ of cyber attacks, unauthorized traffic

MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

Cloud Access Security Brokers – aka “caz-bees” — have come a long way in a short time. CASBs, a term coined by tech industry consultancy Gartner, first cropped about seven years ago to help organizations enforce security and gov… Continue reading MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster

To pay or not to pay? That’s the dilemma hundreds of organizations caught in the continuing surge of crippling ransomware attacks have faced. Related: How ransomware became such a scourge The FBI discourages it, as you might have guessed. What&#8… Continue reading SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster