Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. [Read More]
Redmond says the evasive malware delivery method is being leveraged in attacks to deliver remote access Trojans (RATs), banking malware, and other malicious payloads. [Read More]
Cloudflare said the multi-vector distributed denial of service attack combined DNS amplification attacks and UDP floods and lasted just one minute. [Read More]
Chipmakers Intel and AMD release patches for multiple vulnerabilities in multiple products, including a series of high severity issues in software drivers. [Read More]
AT&T Alien Labs researchers flag new Golang-based malware threat that could potentially infect millions of routers and Internet of Things (IoT) devices. [Read More]
Zoom ships multiple security bulletins calling special attention to a pair of “high-risk” bugs affecting its on-prem meeting connector software and the popular Keybase Client. [Read More]
U.S. Vice President Kamala Harris on Wednesday announced support for the Paris Call for Trust and Security in Cyberspace. [Read More]
Palo Alto Networks is calling urgent attention to a critical-severity vulnerability in its GlobalProtect portal and gateway interfaces. [Read More]
An authenticated attacker could exploit the flaw to trigger the restart of the WordPress installation process and create an administrator account. [Read More]
Researchers warn that the malware has extensive spyware capabilities, including data theft, GPS monitoring, and audio and video recording. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.
Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?