Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs). [Read More]
The high severity vulnerability could be exploited by malicious actors on the local network to execute code remotely when the user attempts to send an HTTP request. [Read More]
Jenkins confirms the recent Confluence CVE-2021-26084 exploit was used to compromise one of its servers to deploy a cryptocurrency miner. [Read More]
Microsoft’s embattled security response unit is scrambling to deal with another zero-day attack hitting users of its flagship Microsoft Office software suite. [Read More]
The social media advertising giant has shared an updated payout guideline for vulnerability hunters to better understand its bounty decisions. [Read More]
Software vendor SolarWinds failed to enable ASLR, an anti-exploitation feature available since the launch of Windows Vista 15 years ago. The oversight that made it easy for attackers to launch targeted malware attacks in July this year. [Read More]
Network detection and response play Corelight has raised a fresh $75 million funding round to speed up its global expansion ambitions. [Read More]
The two agencies warn of a noticeable increase in ransomware attacks on holidays and weekends, when offices are closed. [Read More]
The Singapore government augments its existing bug bounty program and VDP to offer bounty rewards of up to $150,000 for exceptionally impactful vulnerabilities. [Read More]
Israeli software giant Check Point joins the cybersecurity shopping spree with a definitive deal to acquire Avanan [Read More]

FEATURES, INSIGHTS // Cloud Security

rss icon

Justin Fier's picture
Businesses should be emphasizing visibility, early threat detection, and focusing on understanding ‘normal’ activity rather than ‘bad.’
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
Gunter Ollmann's picture
With a diverse and globally distributed workforce, cybersecurity buying decisions will increasingly factor accessibility, usability, and inclusiveness in solution design and operability.
Gunter Ollmann's picture
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.
Torsten George's picture
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
John Maddison's picture
A single, cross-platform security strategy ensures that your cloud security deployment doesn’t replicate the challenges of complexity, siloed solutions, and solution sprawl faced in traditional network security environments.
Gunter Ollmann's picture
The faster in-house network administrators can transition to becoming public cloud network security engineers, architects, or analysts, the faster their organizations can implement digital transformation.
Justin Fier's picture
As executives, developers, security teams, and third-party vendors struggle to exert their influence on digital transformation, threat-actors are exploiting the chaos for their own gain.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Laurence Pitt's picture
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?