NEWS & INDUSTRY UPDATES

A major security vulnerability in the open source PrestaShop software is being exploited in the wild and approximately 300,000 merchant shops are at risk.
A study of the evolution of cybercrime suggests the threat will only get worse as financially motivated malware gangs start to mimic the operations of legitimate businesses.
Apple's security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms.
Prominent cybersecurity executive Katie Moussouris is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure directly to the government.
Redmond's Salus tool works across platforms including Windows, Linux, and Mac to generate SBOMs based on the SPDX specification.
Microsoft issues an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Emsisoft has released free decryptors for the AstraLocker ransomware variants to help victims recover data.
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data and research from Elliptic.
Aqua Security releases open source tool for auditing the software supply chain to ensure compliance with newly created CIS guidelines.
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks.

FEATURES, INSIGHTS // Disaster Recovery

Marcus Ranum: When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley: A multi-layered breach detection and recovery plan is a must to protect your organization, making the difference between a catastrophic breach that devastates your business and a breach that’s quickly contained and terminated.
Chris Poulin: There’s no one-size-fits-all disaster survival plan: a server compromise is vastly different than a full-scale nuclear attack, and both require situationally appropriate responses.
Danelle Au: What can we glean from "Superstorm" Sandy that will help us deal with security events as disruptive in nature as Superstorm Sandy? Do we need a strategic shift in how we respond to incidents? What are key security observations from this storm?
Rod Rasmussen: In the security and privacy world, 2012 is turning out to be the year for Internet security bills. But why now, and why are so many Internet protection bills suddenly coming up in Congress?
Ram Mohan: The Amazon Web Services Cloud Outage showed the world that the cloud, while great, does not absolve companies from taking fundamental precautions to safeguard their systems online.
Mike Lennon: Enjoy this selection of top picks for 2010, listed in no particular order. Happy New Year!