Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

An unauthenticated update process vulnerability could be abused for the download and execution of malware on servers. [Read More]
Open source security management company WhiteSource has raised $75 million in Series D funding. [Read More]
Proofpoint warns that attackers are leveraging compromised supplier accounts and supplier impersonation to send malware, steal credentials and perpetrate invoicing fraud. [Read More]
Researchers have discovered FlixOnline, new Android malware that uses Netflix as its lure and spreads malware via auto-replies to WhatsApp messages. [Read More]
A joint report from SAP and Onapsis warns that advanced threat actors are targeting new vulnerabilities in SAP applications within days after the availability of security patches. [Read More]
Researchers report that a subgroup of the Molerats APT is employing voice changing software in attacks targeting regional adversaries and political opponents. [Read More]
In a new pilot program, the U.S. DoD invites the HackerOne community to remotely test the participating DoD contractors’ assets and report on any identified vulnerabilities. [Read More]
PCAP provides what CISOs seek but rarely achieve – total visibility into the network. If PCAP is such a powerful security tool, why hasn’t it already been widely adopted? And is the movement within the federal agencies likely to migrate to the general business sector? [Read More]
Kaspersky researchers warn that China-linked APT group Cycldek using custom malware in a series of recent attacks targeting government and military entities in Vietnam. [Read More]
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) warns that APT actors are exploiting Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Torsten George's picture
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
Marc Solomon's picture
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
Laurence Pitt's picture
In the world of information security, it’s hard to flip between internet browser tabs without hearing a new term, and one of the biggest in 2020 was Secure Access Service Edge (SASE).
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
John Maddison's picture
Multi-vendor environments with disparate security solutions that don’t integrate when deployed make it impossible for organizations to securely use the flexible network environments they need to compete effectively.
Tim Bandos's picture
Keeping a ‘six foot distance’ between our digital home life and digital work life can go a long way when it comes to safeguarding our most sensitive data, too.
Torsten George's picture
Ultimately, organizations must assume that bad actors are already in their networks. And consumers must realize they’re constant targets.
AJ Nash's picture
Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.
Laurence Pitt's picture
To reap the benefits of 5G and ensure security, organizations must be smarter, fully educated and willing to work alongside the tech.
John Maddison's picture
SD-WAN connections are designed to constantly shift and adjust, replacing one connection that has become unstable with another without interrupting application performance.