Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Apple Patches Recent iPhone Jailbreak Zero-Day
Hackers Leak Data Stolen From UK Electricity Market Administrator Elexon
Hackers Disrupt Minneapolis Systems, But No Evidence of Breach
Zscaler Acquires Microsegmentation Firm Edgewise Networks
Data From Joomla Resources Directory Exposed via Unprotected AWS Bucket
long dotted

NEWS & INDUSTRY UPDATES

Researchers Analyze Entry Points, Vectors for Manufacturing System Attacks
Researchers analyzed the possible entry points and attack vectors for targeting smart manufacturing systems and discovered several new vulnerabilities in the process. [Read More]
Recorded Future Releases Free Threat Intelligence Browser Extension
Recorded Future has announced Express, a free threat intelligence browser extension that helps security teams prioritize SIEM alerts and vulnerability patching. [Read More]
Czech, US to Cooperate on Security of 5G Networks
The Czech Republic and the United States have signed a joint declaration Wednesday for cooperating on security of 5G technology. [Read More]
SAP Alerts Customers of Vulnerabilities in Cloud Products
SAP this week revealed that it is notifying customers of a series of security issues that it has identified in its cloud products. [Read More]
New Executive Order Aims to Protect U.S. Power Grid From Backdoored Equipment
President Donald Trump has signed an executive order prohibiting the acquisition of bulk-power system equipment that could contain intentional backdoors planted by adversaries. [Read More]
COVID-19 Lockdown Fuels Increase in RDP Attacks
The number of attacks abusing RDP to compromise corporate environments has increased significantly over the past couple of months. [Read More]
Hackers Knew How to Target PLCs in Israel Water Facility Attacks: Sources
The changes made to PLCs in the attacks targeting Israeli water facilities shows the sophistication of the hackers and that they knew exactly what they were doing. [Read More]
China Mandates Cybersecurity Reviews for Tech Product Acquisitions
New rules require critical information infrastructure operators in China to conduct cybersecurity reviews when purchasing tech products and services. [Read More]
Mozilla Says Many Popular Video Call Apps Meet Its Minimum Security Standards
Mozilla’s latest “*Privacy Not Included” report shows that twelve out of fifteen popular video call applications and platforms meet the organization’s minimum security standards. [Read More]
FCC Only Partially Improved Its Cybersecurity Posture, GAO Says
The FCC has yet to fully address cyber-security risks in its systems, a newly published report from the United States Government Accountability Office (GAO) reveals. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Jim Ducharme's picture
Now That Everyone's Working From Home, How's Your Helpdesk Holding Up?
Jim Ducharme - Incident Response
Heightened anxiety is a normal consequence of drastic change, and it’s natural for the entire organization to be stressed by the shift to a fully remote work environment.
Read full story
Laurence Pitt's picture
Coming to a Conference Room Near You: Deepfakes
Laurence Pitt - Risk Management
What can we do in order to prevent the spread of fake content or reduce the risk of a targeted use of Deepfakes that could cause damage to our organization?
Read full story
Joshua Goldfarb's picture
Leveraging Gap Analysis to Drive Security Metrics
Joshua Goldfarb - Risk Management
Gap analysis can serve as a wonderful driver for improving security metrics if the security team understands how to seize the opportunity it presents.
Read full story
AJ Nash's picture
Graduation Day: From Cyber Threat Intelligence to Intelligence
AJ Nash - Risk Management
Once we shed the shackles of “cyber” and “threat,” we free our teams to consider a full spectrum of intelligence, including support to physical security, insider threats, procurement, mergers and acquisitions, and executive decision-making.
Read full story
Fred Kneip's picture
It's Time for the C Suite and Boards to Truly Engage in Third-Party Cyber Risk Management
Fred Kneip - Risk Management
While some forward-thinking companies have created c-suite positions for IT and security personnel such as CTOs and CISOs, these are, overall, still relatively rare.
Read full story
Josh Lefkowitz's picture
Don't Overlook the Importance of Feedback in an Intelligence Operation
Josh Lefkowitz - Risk Management
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Read full story
Fred Kneip's picture
Most Companies Don't Properly Manage Third-Party Cyber Risk
Fred Kneip - Risk Management
Third party cyber risk management programs need to go beyond an initial scan and evaluate your third party’s security from the inside out.
Read full story
Josh Lefkowitz's picture
Don't Let Annual Predictions Overshadow the Need for Iterative Security
Josh Lefkowitz - Risk Management
It’s crucial to recognize that annual security predictions generally only include that which can be feasibly predicted by the final months of the prior year.
Read full story
Marie Hattar's picture
Clean Up Your Act with Better Cyber Hygiene
Marie Hattar - Risk Management
The solution: every week, devote at least two hours to basic cyber hygiene. Four best practices will help your team build habit from repetition.
Read full story
Joshua Goldfarb's picture
Tips for Leveraging Security Metrics
Joshua Goldfarb - Risk Management
Security metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations. Here are five tips for leveraging security metrics to keep your organization out of the lion’s den.
Read full story