Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands. [Read More]
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
EventBuilder exposed files containing the personal information of at least 100,000 users who registered for events using the platform. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
Microsoft patched one critical and three high-severity issues that can allow attackers to execute code remotely as root or escalate privileges. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
The company’s platform provides user and device management, helping employees securely access resources necessary for their work. [Read More]
Google joins Apple and Microsoft in warning about zero-day flaws being exploited in the wild. This time the target is the popular Google Chrome browser. [Read More]
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
- 1 of 87
- ››
FEATURES, INSIGHTS // Cloud Security
Current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.
The flexible and secure nature of the cloud allows security and application teams to focus on defining strategy for the future rather than being consumed by the management of what is in place today.
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities.
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
It is reasonable to assume that within five years the term “confidential compute” will become superfluous and an assumed native component of all cloud services.
- 1 of 17
- ››
Get the Daily Briefing
- VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability
- Encrypted Messaging App Signal Hit by Brief Outage
- Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability
- Threat Actor Targets Indian Government With Commercial RATs
- States at Disadvantage in Race to Recruit Cybersecurity Pros
- EU Denounces Alleged Russian Hacking Ahead of German Vote
- FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on Governments, Hotels
- Google Says Threat Actors Using New Code Signing Tricks to Evade Detection
- SonicWall Patches Critical Vulnerability in SMA Appliances
- LG to Acquire Vehicle Cybersecurity Firm Cybellum
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy