Security Experts:
IT Security News Headlines
More Security Headlines
The Russian cybersecurity firm has issued a report on ‘Ferocious Kitten’, an advanced threat actor in Iran that’s been conducting domestic cyber-surveillance for the last six years. [Read More]
The EU's proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned. [Read More]
Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited. [Read More]
Google has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). [Read More]
A critical vulnerability discovered in a ThroughTek P2P SDK used by many security camera manufacturers can be exploited to gain remote access to camera feeds. [Read More]
Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies. [Read More]
Vulnerabilities discovered in some older Schneider Electric PowerLogic gateways can allow hackers to remotely take control of devices or disrupt them. [Read More]
The STEM Audio Table device was also found to be externally controllable without authentication. [Read More]
French court rules that Ikea had set up an elaborate system to illegally spy on hundreds of employees and job applicants over several years, using private detectives as well as police sources. [Read More]
Poland's parliament said it will hold a closed-door session Wednesday to discuss a wave of cyber attacks against the EU member that the government called "unprecedented". [Read More]
SecurityWeek Experts
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Although every network environment is unique, there are steps any organization can begin to implement now to reduce their risk from ransomware and other advanced threats.
President Biden's Executive Order (EO) to improve the nation’s cybersecurity is a good first step but it is likely not going to materially change the defensive posture of the nation.
Josh Goldfarb analyzes five statements stubborn people often say, discusses how they harm an organization's security posture, and suggests ways forward in each case.
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”
Get the Daily Briefing
- Hit by a Ransomware Attack? Your Payment May be Deductible
- Major Cyberattack on Poland Came from Russian Territory: Kaczynski
- Vulnerabilities in Open Design Alliance SDK Impact Siemens, Other Vendors
- Researcher Finds Several Vulnerabilities in Cisco Small Business Switches
- NSA Releases Guidance for Securing Enterprise Communication Systems
- Cruise Giant Carnival Says Customers Affected by Breach
- Akamai Blames Outage on DDoS Protection Service
- Google Confirms Sixth Zero-Day Chrome Attack in 2021
- Google Intros SLSA Framework to Enforce Supply Chain Integrity
- UK Law Firm Gateley Discloses Data Breach
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy