Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
Hackers leaked online credentials stolen from 87,000 VPN devices, affecting roughly 22,500 victims worldwide, including nearly 3,000 in the United States. [Read More]
Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files. [Read More]
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
SecurityWeek examines if Taliban-ruled Afghanistan is, or will become, a notable cyber threat to the West. [Read More]
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product. [Read More]
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical. [Read More]
The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs). [Read More]
Over two decades, the United States and its allies spent hundreds of millions of dollars building databases for the Afghan people, but most of that digital apparatus fell into the hands of an Taliban rulers. [Read More]
FEATURES, INSIGHTS // Cyberwarfare
Creative disruption, where a paradigm shift in thinking replaces an existing order, may be an elusive concept but its power as a driving force of human behavior cannot be denied.
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace.
Enemy infrastructure is and always has been an important military target. The difference is that with increasingly automated and connected infrastructure, the ability for an enemy to target these systems digitally has increased, putting these systems at greater risk.
I believe that no other nation can match the capabilities of the United States military, but at the same time, matching the level of resources and investment in cyber being made by nation states such as China could prove impossible.
The building blocks for a robust cybersecurity strategy are not uniquely different from security requirements for a traditional enterprise...
When the Chinese government states that it is not behind most of these attacks – it is possibly telling the truth. That the Chinese government has offensive cyber capabilities are not disputed. What is not a given is that all of this activity has been officially prompted or sanctioned.
It remains to be seen how the big powers will come to agree on the precise rules to govern cyber operations – currently the international legal status is uncertain, but the little players had better concentrate on improving old and developing new defensive measures.
Cyberwar, at least the type where infrastructure or actual lives are targeted and destroyed, will not just happen for the fun of it. There are consequences to any such activity, as recent policy activity and policy makers make clear.
Get the Daily Briefing
- Working Securely From Anywhere With Zero Trust
- Apple Confirms New Zero-Day Attacks on Older iPhones
- Improving Security Posture to Lower Insurance Premiums
- Web Security Provider Jscrambler Raises $15 Million
- Report: Suspected Chinese Hack Targets Indian Media, Gov't
- Apple Deprecates Outdated TLS Protocols in iOS, macOS
- Third-Party Risk Management Firm Panorays Raises $42 Million
- Cisco Patches Critical Vulnerabilities in IOS XE Software
- VMware vCenter Servers in Hacker Crosshairs After Disclosure of New Flaw
- Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy