Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Redmond announces improved security for Microsoft Offices users, courtesy of Excel 4.0 (XLM) macros now being restricted by default. [Read More]
Cloud security and compliance automation startup Anitian has banked a $55 million Series B round led by Sageview Capital. [Read More]
The IPv6 guidance provides federal agencies with information on IPv6 and its security features, along with security considerations on the network protocol. [Read More]
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. [Read More]
The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said. [Read More]
Microsoft says the new security mode in Edge browser can keep users safe from zero-day attacks. [Read More]
Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation. [Read More]
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]
Chronicle’s VirusTotal contains likely millions of user credentials readily available to anyone who knows where and how to look. [Read More]
Security researchers document vulnerabilities in AWS CloudFormation and AWS Glue that could be abused to leak sensitive files and access other customer’s data. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Landon Winkelvoss's picture
The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
Laurence Pitt's picture
With tight resources for managing healthcare, the IT challenge to keep track of vast amounts of data being created, accessed and modified is critical.
Gordon Lawson's picture
Most cyber insurance providers are demanding that companies supply proof of their backup implementation in order to obtain an affordable policy.
Laurence Pitt's picture
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
William Lin's picture
Data security is a tough topic to summarize and I’d argue it may be the most misunderstood category in security right now.
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
Gunter Ollmann's picture
It is reasonable to assume that within five years the term “confidential compute” will become superfluous and an assumed native component of all cloud services.
Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
Laurence Pitt's picture
For an MSP looking to grow business, the convergence of SD-WAN and security, along with the transitional needs of customers, translates to opportunity.
Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.