Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make users’ lives easier, but may also allow hackers to establish a covert data exfil… Continue reading Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

People are the primary attack vector around the world

With an unprecedented number of employees now working in hybrid or fully remote environments, compounded by an increase in cyber threats and a more overwhelmed, COVID-19 information fatigued workforce, there has never been a more critical time to effec… Continue reading People are the primary attack vector around the world

Your Phone May Soon Replace Many of Your Passwords

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites. Continue reading Your Phone May Soon Replace Many of Your Passwords

The benefits of cyber risk quantification in the modern cybersecurity landscape

Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification (CRQ) in the modern cybersecurity landscape. CRQ helps businesses evaluate the potential financial impact of cyber events on… Continue reading The benefits of cyber risk quantification in the modern cybersecurity landscape

How to recruit cybersecurity talent from atypical backgrounds

In this interview with Help Net Security, Max Shuftan, Director of Mission Programs & Partnerships at SANS Institute, talks about how companies and the cybersecurity industry should try to recruit hobbyists and DIYers – as well as individual… Continue reading How to recruit cybersecurity talent from atypical backgrounds

The biggest threat to ICS/OT is a lack of prioritization

A SANS survey reveals that cyber attackers have demonstrated a robust understanding of operational technology (OT) and industrial control system (ICS) engineering and have conducted attacks that gain access and negatively impact operations and human sa… Continue reading The biggest threat to ICS/OT is a lack of prioritization

Noname Security appoints Matt Tesauro as API Security Evangelist

Noname Security announced the appointment of Matt Tesauro as its API Security Evangelist. Tesauro will engage with Noname customers and the security industry at large, contributing to standards bodies and sharing his experience, insights and strategies… Continue reading Noname Security appoints Matt Tesauro as API Security Evangelist

Keysight unveils Industrial Visibility solutions to meet monitoring requirements worldwide

Keysight Technologies announced a new series of Industrial Visibility solutions, which include a network packet broker and taps that enable electric utilities to meet North American Electric Reliability Corporation (NERC) Critical Infrastructure Protec… Continue reading Keysight unveils Industrial Visibility solutions to meet monitoring requirements worldwide

D3 Security raises $10M to accelerate advancement of its next-generation SOAR platform

D3 Security announced it had received a growth equity investment of $10 million USD from Vistara Growth, a provider of flexible growth capital solutions to technology companies across North America. The $10M USD will be augmented by a $5M credit facili… Continue reading D3 Security raises $10M to accelerate advancement of its next-generation SOAR platform

SANS Institute chooses Pulumi Cloud Engineering Platform to adopt cloud engineering best practices

Pulumi announced that SANS Institute is using the Pulumi Cloud Engineering Platform to streamline the delivery of applications and infrastructure, increasing the speed of delivery by 3X. Pulumi enabled SANS to adopt cloud engineering best practices so … Continue reading SANS Institute chooses Pulumi Cloud Engineering Platform to adopt cloud engineering best practices