Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
FireEye releases SharPersist, a free and open source C#-based Windows persistence toolkit that can be useful to Red Teams. [Read More]
The Libra Association, the organization in charge of Facebook’s Libra cryptocurrency, has launched a public bug bounty program with rewards of up to $10,000. [Read More]
Visa this week announced a new set of capabilities aimed at improving fraud prevention and cybersecurity of payment systems. [Read More]
Facebook has announced the 2019 winners of the Internet Defense Prize, an award offered in partnership with USENIX. [Read More]
U.S. Attorney General Bill Barr says increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk. [Read More]
BlackBerry Cylance has prepared an update to address a recently disclosed bypass of its AI-based antivirus, but the company has downplayed its impact. [Read More]
The government of Singapore announces its third bug bounty program via HackerOne after the first two were considered a success. [Read More]
AttackIQ, a company that specializes in continuous security validation, raised $17.6 million in a Series B funding round, which brings the total raised by the firm to roughly $35 million. [Read More]
Respond Software, a California-based company that provides automation technology for security teams, raises $20 million in a Series B funding round. [Read More]
Intel adds Hardware Shield security feature to its new 8th Gen Intel Core vPro mobile processors to protect devices against firmware attacks. [Read More]
FEATURES, INSIGHTS // Security Architecture
Security frameworks are designed to provide a reference for those designing various programmatic security mechanisms in order to benefit from collective successes and failures of the broad community.
Security has evolved to the point that I can now say that collection, sensing, and alerting are yesterday’s news.
Threat intelligence is only valuable if an organization takes the necessary steps to quickly and easily apply that intelligence to actual security policy.
As NSA Chief Hacker Rob Joyce indicated during his recent talk at the Usenix Enigma conference, hackers are patient and persistent.
In security, we have grown accustomed to treating the symptoms of our problems, rather than treating the problems themselves.
Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
While we must continue to use defensive technologies because they help address the level of white noise that has become part of the cost to operate in our hyper-connected, digitized world, we can’t stop there.
There are many contextual details that differentiate cyber threat information from threat intelligence. Only with the proper context can data be considered intelligence, rather than simply information.
Taking a look at security from a different vantage point that allows us to correlate activity by user, rather than by system alone gives us a very different perspective.
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.
Subscribe to the Daily Briefing
- Firefox Gets DNS-over-HTTPS as Default in U.S.
- Samsung Says it Leaked Data on Handful of UK Customers
- RSA Conference 2020: Product Announcement Summary (Day 2)
- Over 100 Vulnerabilities Patched in MyBB in Past 5 Years
- State-Sponsored Cyberspies Use Sophisticated Server Firewall Bypass Technique
- Zyxel Patches Zero-Day Vulnerability in Network Storage Products
- KPMG on Key Cybersecurity Considerations for 2020
- HackerOne Surpasses $82 Million in Paid Bounties
- Mobile Networks Vulnerable to IMP4GT Impersonation Attacks
- Google Patches Chrome Vulnerability Exploited in the Wild
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy