Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Video: Fireside Chat With Shane Huntley, Director at Google's Threat Analysis Group
PyPI Served Malicious Version of Popular 'Ctx' Python Package
Semperis Banks $200 Million to Scale Enterprise ID Protection Tech
Red Access Raises $6 Million for Secure Browsing Tech
LimaCharlie Banks $5.45 Million in Seed Funding
long dotted

NEWS & INDUSTRY UPDATES

Now Live: SecurityWeek Threat Intelligence Summit Virtual Event
SecurityWeek will host its 2022 Threat Intelligence Summit as a fully immersive virtual event on May 18, 2022. [Read More]
National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques
Canada, the Netherlands, New Zealand, the US, and the UK warn that threat actors exploit weak cybersecurity practices for initial access. [Read More]
SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th
SecurityWeek will host its 2022 Threat Intelligence Summit as a fully immersive virtual event on May 18, 2022. [Read More]
CISA Removes Windows Vulnerability From 'Must-Patch' List Due to Buggy Update
CISA has temporarily removed the Windows vulnerability known as PetitPotam from its Must-Patch list after learning from Microsoft that a recent patch can cause authentication failures. [Read More]
BalkanID Raises $6M for Intelligent IGA Technology
Texas startup Balkan ID banks $5.75 million in seed funding to help organizations find and remediate risky privileges across SaaS and public cloud infrastructure. [Read More]
Patch Tuesday: Microsoft Warns of New Zero-Day Being Exploited
Microsoft patches at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. [Read More]
Technical Details, IoCs Available for Actively Exploited BIG-IP Vulnerability
IoCs and other resources have been made available for the actively exploited BIG-IP vulnerability tracked as CVE-2022-1388. [Read More]
Microsoft Flexes Security Vendor Muscles With Managed Services
Microsoft launched new managed services styled as a combination of technologies, threat intelligence and skilled personnel to help businesses hunt for signs of compromise or outsource the handling of detection and response incidents. [Read More]
China Not Happy With South Korea Joining NATO Cyber Defense Center
China is apparently not happy that South Korea has joined NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE). [Read More]
GitHub Announces Mandatory 2FA for Code Contributors
By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Gordon Lawson's picture
For Smaller Enterprises Infrastructure Security Starts With Hygiene
Gordon Lawson - Risk Management
The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach.
Read full story
Torsten George's picture
Why Ransomware Response Matters More Than Protection
Torsten George - Incident Response
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Read full story
Landon Winkelvoss's picture
Achieving Positive Outcomes With Multi-Domain Cyber and Open Source Intelligence
Landon Winkelvoss - Incident Response
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Read full story
Keith Ibarguen's picture
A Sheep in Wolf's Clothing: Technology Alone is a Security Facade
Keith Ibarguen - Incident Response
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
Read full story
Laurence Pitt's picture
Public and Private Sector Security: Better Protection by Collaboration
Laurence Pitt - Incident Response
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Read full story
Torsten George's picture
In the Hacker's Crosshairs: K-12 Schools
Torsten George - Risk Management
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
Read full story
Gordon Lawson's picture
Defense Contractors Must do More to Conceal Their Attack Surface
Gordon Lawson - Network Security
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Read full story
Torsten George's picture
The Need for Survivable, Trustworthy Secure Systems
Torsten George - Risk Management
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Read full story
Landon Winkelvoss's picture
Planning for the Future: What's Ahead in 2022
Landon Winkelvoss - Risk Management
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
Read full story
Marie Hattar's picture
Cybersecurity is Under Assault, And It's Growing Worse
Marie Hattar - Risk Management
It is a good idea to assume that your network has already been breached, even if no overtly malicious notifications have surfaced.
Read full story