Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Wiz shares information on an Oracle Cloud Infrastructure vulnerability allowing attackers to modify users’ storage volumes without authorization. [Read More]
Researchers have resurrected a 15-year-old Python vulnerability that is present in an estimated 350,000 open source projects and many closed-source applications. [Read More]
The SEC announced that Morgan Stanley will pay a $35 million fine to settle charges related to the company exposing the personal information of millions of customers. [Read More]
CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security. [Read More]
Operant Networks has emerged from stealth mode with $3.8 million in seed funding and a Secure Access Service Edge (SASE) solution for energy operational technology (OT). [Read More]
Ride sharing giant Uber is downplaying the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. [Read More]
A group of academic researchers have devised a method of reconstructing text exposed via participants’ eyeglasses and other reflective objects during video conferences. [Read More]
Security Operations Center (SOC) platform provider Cyrebro has raised $40 million in Series C funding. [Read More]
Multiple Netgear router models are vulnerable to arbitrary code execution via a third-party module designed for online game acceleration. [Read More]
CISA and the NSA have published considerations on the benefits and security of implementing an Open Radio Access Network (RAN) architecture. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

John Maddison's picture
Security systems can struggle to keep up when networks are in a constant state of flux—optimizing connections, redirecting workflows, adding new edges or endpoints, or scaling to meet shifting demands.
Derek Manky's picture
Analyzing the attack goals of adversaries is important to be able to better align defenses against the speed of changing attack techniques.
Gordon Lawson's picture
Obfuscation technology creates a path to data and applications residing in commercial clouds that cannot be traced, and can be helpful for healthcare data security
Torsten George's picture
Cyber resilience is the only way to guarantee true Zero Trust. When implemented properly, resilient Zero Trust becomes a preventive measure that counteracts human error, malicious actions, and decayed, insecure software.
Marie Hattar's picture
No matter how far you stray from having a perfect system — or how close you come to attaining one — the pursuit is always an essential and worthwhile investment of your time.
John Maddison's picture
Zero Trust is not simply a product. If someone says it is, they probably either don't know what they're talking about or have watered down their marketing to the point of making it misleading.
Gordon Lawson's picture
By anonymizing their activities and assets, colleges and universities can protect people, data and applications from cyber threats at the network level by making themselves invisible.
Landon Winkelvoss's picture
Regardless of the type of risk and the adversary you encounter, there are common approaches that will allow enterprises to identify and mitigate those risks.
Derek Manky's picture
Living-off-the-land attacks are effective because they allow attackers to hide their activities in legitimate processes and makes it harder for defenders to detect them. These tools also make attack attribution much harder.
John Maddison's picture
Cybersecurity deployments have become as complex as the networks they are trying to protect. And that’s not a good thing.