New infosec products of the week: November 26, 2021

Here’s a look at the most interesting products from the past week, featuring releases from Avast, Boxcryptor, Code42, Hiya and Siren. Boxcryptor protects business data in Microsoft Teams with end-to-end encryption features Boxcryptor could be used in t… Continue reading New infosec products of the week: November 26, 2021

Your supply chain: How and why network security and infrastructure matter

With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to networks and access to data than ever before. In the past year alone, cyberattacks o… Continue reading Your supply chain: How and why network security and infrastructure matter

From fragmented encryption chaos to uniform data protection

Encryption is so critical to enterprise security that it’s almost like air: It’s a necessity, it’s everywhere, and we can’t live without it. On the surface, having encryption everywhere seems like a great idea. However, in many ways the drive to achiev… Continue reading From fragmented encryption chaos to uniform data protection

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged b… Continue reading After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

Securing open-source code supply chains may help prevent the next big cyberattack

The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my software supply chain secure?” After months of analysis, we know that many (som… Continue reading Securing open-source code supply chains may help prevent the next big cyberattack

CISOs missing major holidays due to work demands

Two in five Chief Information Security Officers (CISOs) have missed holidays like Thanksgiving due to work demands, a Tessian report reveals. In addition, one-quarter have not taken time off work in the past 12 months. In addition to missing national h… Continue reading CISOs missing major holidays due to work demands

Small businesses urged to protect their customers from card skimming

With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals. As part of NCSC’s Active Cyber Defence programme, the organ… Continue reading Small businesses urged to protect their customers from card skimming

GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed

GoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. What happened? “On November 17, 2021, we discovered unauthorized third-party acc… Continue reading GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed

Why cybersecurity training needs a post-pandemic overhaul

COVID-19 may have ushered in the rise of remote work (either temporarily or permanently) but not all organizations were prepared to manage a fully remote workforce and the cybersecurity challenges that come with it. Protecting information assets agains… Continue reading Why cybersecurity training needs a post-pandemic overhaul