Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Reuters is reporting that a draft executive order would set new rules on data breach disclosure and use of multi-factor authentication and encryption in federal agencies. [Read More]
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. [Read More]
Feedzai lands $200 million in funding to build out its AI/ML-based fraud prevention tools for financial services firms. The round was led by KKR. [Read More]
Researchers investigating the SolarWinds attacks has discovered a new APT group called SilverFish that has conducted cyber-attacks on at least 4720 targets worldwide. [Read More]
For the third time this year, Google has shipped an urgent fix to block in-the-wild zero-day attacks hitting its flagship Chrome browser but defenders lament the lack of information on the live attacks. [Read More]
Microsoft is reportedly looking closely at its Microsoft Active Protections Program (MAPP) to figure out if an anti-malware partner in China leaked proof-of-concept code ahead of the availability of Exchange Server patches. [Read More]
Anti-malware vendor McAfee is changing owners again in a $4 billion all-cash transaction headlined by the sale of its enterprise business unit. [Read More]
Security vendor Zimperium warns that improperly implemented cloud containers expose user information in thousands of mobile applications. [Read More]
The high severity flaws were introduced in the Linux kernel since November 2019 and affect all major distributions. [Read More]
Microsoft has raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers. [Read More]

FEATURES, INSIGHTS // Disaster Recovery

rss icon

Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley's picture
A multi-layered breach detection and recovery plan is a must to protect your organization, making the difference between a catastrophic breach that devastates your business and a breach that’s quickly contained and terminated.
Chris Poulin's picture
There’s no one size fits all disaster survival plan: a server compromise is vastly different than full scale nuclear attack, and both require situationally appropriate responses.
Danelle Au's picture
What can we glean from "Superstorm" Sandy that will help us deal with security events as disruptive in nature as Super Storm Sandy? Do we need a strategic shift in how we respond to incidents? What are key security observations from this storm?
Rod Rasmussen's picture
In the security and privacy world, 2012 is turning out to be the year for Internet security bills. But why now and why so many Internet protection bills suddenly coming up in Congress?
Ram Mohan's picture
The Amazon Web Services Cloud Outage showed the world that the cloud — while great — does not absolve companies from taking fundamental precautions to safeguard their systems online.
Mike Lennon's picture
Enjoy this selection of top picks for 2010, listed in no particular order. Happy New Year!