Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
VMWare fixes a serious URL-handling vulnerability in the Carbon Black administrative interface and warns of authentication bypass and potential code execution risks. [Read More]
The U.S. Department of Homeland Security's CISA is directing federal agencies to scan their Microsoft Exchange environments for four weeks and report if they find any compromised servers. [Read More]
Researchers warns that tens of thousands of QNAP SOHO NAS devices potentially impacted by unpatched remote code execution flaws. [Read More]
Citrix warns that the bugs could result in privileged code in a guest virtual machine to crash the host or render it unresponsive. [Read More]
North Korean government-backed APT group caught using a fake pen-testing company sock puppet Twitter and LinkedIn accounts in an escalation of a hacking campaign targeting security research professionals. [Read More]
A serious security bug in the 'netmask' npm package leads to misinterpretation of IP addresses. [Read More]
Reuters is reporting that a draft executive order would set new rules on data breach disclosure and use of multi-factor authentication and encryption in federal agencies. [Read More]
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. [Read More]
With new financial backing from Great Hill Partners, Jumio plans to invest in automating identity verification solutions and adding new services to its platform. [Read More]
Cloud security company Orca becomes a unicorn after raising $210 million in a Series C funding round at a valuation of $1.2 billion. [Read More]
- 1 of 71
- ››
FEATURES, INSIGHTS // Cloud Security
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities.
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
It is reasonable to assume that within five years the term “confidential compute” will become superfluous and an assumed native component of all cloud services.
Businesses should be emphasizing visibility, early threat detection, and focusing on understanding ‘normal’ activity rather than ‘bad.’
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.
With a diverse and globally distributed workforce, cybersecurity buying decisions will increasingly factor accessibility, usability, and inclusiveness in solution design and operability.
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
A single, cross-platform security strategy ensures that your cloud security deployment doesn’t replicate the challenges of complexity, siloed solutions, and solution sprawl faced in traditional network security environments.
- 1 of 17
- ››
Get the Daily Briefing
- Microsoft Open-Sources 'CyberBattleSim' Enterprise Environment Simulator
- CISA Releases Tool to Detect Microsoft 365 Compromise
- Security Automation Firm Tines Raises $26 Million at $300 Million Valuation
- LG Promises Three Years of OS Updates for Premium Android Smartphones
- Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits
- Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration
- Cisco Patches Critical Flaw in SD-WAN vManage
- Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?
- Library Dependencies and the Open Source Supply Chain Nightmare
- Belden Says Health-Related Information Exposed in Data Breach
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy