Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

ACLU is demanding more answers about a data breach at the state’s public bus service, including why the personal information of state employees who don’t even work for the agency was compromised. [Read More]
LastPass users are being urged to change master passwords and enable multi-factor authentication for all accounts. [Read More]
Storage devices from several major vendors are affected by vulnerabilities discovered by a researcher in a third-party encryption software they all use. [Read More]
Check Point security researchers publish findings from a deep-dive into DoubleFeature, a component of the Equation Group’s DanderSpritz post-exploitation framework. [Read More]
DuckDuckGo plans to ship a privacy-centric desktop browser built from scratch to compete with Google’s Chrome and Microsoft’s Edge. [Read More]
The Apache HTTP Server 2.4.52 is listed as urgent and CISA is calling on user to “update as soon as possible.” [Read More]
A long-term phishing experiment at a 56,000-employee company ends with a caution around the use of simulated phishing lures in corporate security awareness training exercises. [Read More]
Researchers warn that the vulnerability has existed since September 2017 and has likely been exploited in the wild. [Read More]
French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident. [Read More]
As the scale and impact of the Log4j security crisis become clearer, defenders brace for a long, bumpy ride filled with software-dependency headaches. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?
Justin Fier's picture
When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms?
Joshua Goldfarb's picture
Many organizations seem to focus almost entirely on technological solutions to tactical problems, rather than on strategically addressing how they can best and most efficiently protect data.
Lance Cottrell's picture
Passive Information Leakage (PIL) is one of the least known and most difficult forms of data lost to prevent, and is little understood, primarily because it cannot be addressed through conventional security practices.
Steven Grossman's picture
The challenge of data protection is not going away. Even without the ever-improving tactics of the bad guys, data sprawl has made it difficult for those just trying to do their jobs.
Jennifer Blatnik's picture
By taking what you know about security in the physical world and logically applying it to the virtual world, you can effectively protect your personal information.
Alastair Paterson's picture
What can U.S.-based companies do to prepare for the GDPR that is due to come into force in May 2018? These five steps can help.
Jennifer Blatnik's picture
Almost every industry can improve efficiencies with blockchain. But what will make blockchain a success is ultimately security.
Steven Grossman's picture
Organizations are increasingly combining UEBA technology with other data sources and analytics methods to overcome cyber risk challenges on a broader scale.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.