Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Analysis suggests the recent Ticketmaster breach was bigger and over a longer period than previously thought -- but it is only one part of a much larger and ongoing campaign to steal users' payment details. [Read More]
UK financial supervisory authorities have jointly published a discussion paper on building operational resilience into the financial sector. While cyber is a major risk, the concept is to build resilience to all risks including cyber. [Read More]
German web hosting firm DomainFactory shuts down forum following data breach. Hacker gained access to sensitive data, including banking information [Read More]
Hackers gained access to Timehop systems in December 2017, but the breach was only discovered on July 4. The incident affects 21 million users [Read More]
A recently detected Smoke Loader infection campaign is attempting to steal credentials from a broad range of applications, including web browsers, email clients, and more. [Read More]
Facebook confirms facing multiple inquiries from US and British regulators about the major Cambridge Analytica user data scandal [Read More]
Data security start-up firm Enveil has launched the first practical and scalable commercial homomorphic encryption platform, ZeroReveal. [Read More]
Several vulnerabilities, including ones rated critical, have been found in SICLOCK central plant clocks from Siemens. Only mitigations have been provided as the affected devices are being phased out [Read More]
Mozilla announces updated version of the Root Store Policy governing CAs trusted by its products [Read More]
Facebook notifies 800,000 users that people they had blocked were temporarily unblocked due to a bug. The company also detailed new API restrictions designed to protect user information [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Laurence Pitt's picture
The rapid proliferation of connected things is leaving networks exposed with more potential entry points that are vulnerable to attack.
Erin O’Malley's picture
SecOps and NetOps are starting to put aside their differences and find ways to work better together. As Gartner reports, these once distinct groups have begun to realize and accept that alignment is not a nice to have, but a business imperative.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
John Maddison's picture
Even though a NOC or a SOC consolidates a variety of tools and measurements into a single management system, they are still too isolated.
David Holmes's picture
There’s a popular attack vector among brute-force attackers right now that takes advantage of the 90-day password expirations commonly used by enterprises.
Joshua Goldfarb's picture
The security operations workflow has grown more sophisticated and complex, and the value that most organizations get out of their SIEM deployment is far lower than it used to be.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.
Travis Greene's picture
Closing the gaps in credential security requires awareness of what gaps exist and how to mitigate them.
Torsten George's picture
Implementing machine learning in the context of access control can help organizations reduce their reliance on passwords, and potentially get rid of them altogether.
Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?