Security Experts:
IT Security News Headlines
More Security Headlines
Positive Technologies is one of the Russian tech companies sanctioned by the United States for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.” [Read More]
Google Project Zero announces changes to its vulnerability disclosure policy, and says it will give users more time to install patches before disclosing bug details. [Read More]
Google violated Australian law by misleading users of Android mobile devices about the use of their location data, a court ruled Friday in a landmark decision against the global digital giant. [Read More]
A software supply chain attack against a widely used continuous integration (CI) software development tool went undetected for four months and now security teams are scrambling to figure out which sensitive secrets were stolen. [Read More]
Cado Security, provider of a cloud-native digital forensics platform, has secured $10 million in Series A funding, which brings the total amount raised by the company to date to $11.5 million. [Read More]
A majority of the largest energy companies in the US don’t properly protect their domain names, according to a new report. [Read More]
More than 40 companies in 14 countries across Europe, the Americas, Africa and Asia were hit with spear-phishing emails. [Read More]
Reddit offers up to $10,000 for critical vulnerabilities that could be exploited for bulk data compromise. [Read More]
The U.S. government warned that Russian hackers are exploiting five known -- and already patched -- vulnerabilities in corporate VPN infrastructure products, insisting it is “critically important” to mitigate these issues immediately. [Read More]
The Biden administration on announced the expulsion of 10 Russian diplomats and sanctions against nearly three dozen people and companies over election interference and the hacking of federal agencies. [Read More]
- 1 of 1946
- ››
SecurityWeek Experts
Everyone is familiar with the three legs of cybersecurity stool: people, processes and technology. But most companies typically invest in just one area – technology.
Data security is a tough topic to summarize and I’d argue it may be the most misunderstood category in security right now.
Even if the best strategies and policies are created and uniformly agreed upon across all government and private sector domains, none of that will matter if the talent to execute does not exist.
Proactive risk management requires being able to examine and address risk from different yet complementary perspectives to bring context to the overall security of an OT environment.
Collaboration with teams across the organization to utilize data more efficiently and effectively, dramatically improves detection and response and is critical to achieve enterprise-wide risk management.
Understanding not just the tail end of the cyber-attack kill chain, but also focusing on initial attack vectors like endpoints provides a roadmap for aligning preventive measures with today’s threats.
Using Machine Learning (ML) with AI means that security tools can be trained to work better with data and the ML system will be able to make recommendations for improvements.
In today’s highly dynamic environments, integration needs to go beyond just the security elements of a platform.
While it’d be impossible to dig into all of the requests I’ve received over the years, here are some of the types of requests we’ve received that may make sense for you to ask your own managed security provider.
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.
- 1 of 243
- ››
Get the Daily Briefing
- Vulnerabilities in OpENer Stack Expose Industrial Devices to Attacks
- How the Kremlin Provides a Safe Harbor for Ransomware
- Critical Vulnerability Can Allow Attackers to Hijack or Disrupt Juniper Devices
- Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday
- More Countries Officially Blame Russia for SolarWinds Attack
- Sanctioned Russian IT Firm Was Partner With Microsoft, IBM
- Google Project Zero Announces 2021 Updates to Vulnerability Disclosure Policy
- Google Broke Australian Law Over Location Data Collection: Court
- Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack
- Cloud Forensics Firm Cado Security Raises $10 Million in Series A Funding
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy