NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. Compromised logins continue to facilitate cyber …

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

Local government agencies remain acutely exposed to being hacked. That’s long been true. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware s…

SHARED INTEL: Mobile apps are riddled with security flaws, many of which go unremediated

The convergence of DevOps and SecOps is steadily gaining traction in the global marketplace. Some fresh evidence of this encouraging trend comes to us by way of shared intelligence from WhiteHat Security. Related: The tie between DevOps and SecOps. Org…

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

Europe came down hard this summer on British Airways and Marriott for failing to safeguard their customers’ personal data. The EU slammed the UK airline with a $230 million fine, and then hammered the US hotel chain with a $125 million penalty …

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

Andrea Carcano’s journey to co-founding a security company in the vanguard of defending critical infrastructure began at a tender age. Related: Why the Golden Age of cyber spying is here. Carcano hacked a computer screen at age 14, and that g…

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

A core security challenge confronts just about every company today. Related: Can serverless computing plus GitOps lock down DX? Companies are being compelled to embrace digital transformation, or DX, if for no other reason than the fear of being left b…

GUEST ESSAY: The ethical considerations of personal privacy viewed as a human right

It ought to be clear to everyone that personal privacy should be a human right and not a commodity to be bought and sold. Alas, we can’t take it for granted: data breaches put us under fire constantly, revealing everything about us from logs and …

SHARED INTEL: Malware-ridden counterfeit phones place consumers, companies in harm’s way

A faked Rolex or Prada handbag is easy enough to acquire on the street in certain cities, and you can certainly hunt one down online. Now add high-end counterfeit smartphones to the list of luxury consumer items that are being aggressively marketed to …

MY TAKE: A primer on how ransomware arose to become an enduring scourge

“All we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” This is an excerpt from a chilling ransom note Baltimore IT officials received from hackers who managed to lock up most of the city’s servers in May. The attackers demanded …

MY TAKE: Most companies blissfully ignorant of rising attacks on most-used endpoint: mobile devices

A dozen years after Apple launched the first iPhone, igniting the smartphone market, the Bring Your Own Device to work phenomenon is alive and well. Related: Stopping mobile device exploits. The security issues posed by BYOD are as complex and difficul…