Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. [Read More]
U.S. President Joe Biden has signed a new national security memorandum focusing on the implementation of the cybersecurity requirements of an executive order issued in 2021. [Read More]
The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said. [Read More]
Microsoft says the new security mode in Edge browser can keep users safe from zero-day attacks. [Read More]
Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation. [Read More]
Cloud security firm Polar Security has emerged from stealth with $8.5 million seed funding to provide visibility into companies’ cloud data storage to allow security teams to secure the data and avoid compliance problems. [Read More]
1Password has closed a new $620 million funding round, pushing the password management software vendor's valuation to $6.8 billion. [Read More]
Banyan Security plans to invest the funds in sales and marketing, product development, and market expansion. [Read More]
Researchers have discovered several security and privacy issues in the application made by China for the 2022 Olympic Games. [Read More]
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Marc Solomon's picture
Security Operations Centers do not need another acronym. What they need are capabilities that enable them to address their top use cases faster and more thoroughly in the face of evolving attacks.
Gordon Lawson's picture
For red teams, using an obfuscated network for testing offers the advantage of hiding who is performing the attack and where it is originating, for a more real-life context
John Maddison's picture
Recent changes have resulted in a proliferation of devices and users working from anywhere, which has expanded the digital attack surface and exposed more applications, devices, data, and users to risk.
Gordon Lawson's picture
Most cyber insurance providers are demanding that companies supply proof of their backup implementation in order to obtain an affordable policy.
John Maddison's picture
Zero-trust network access (ZTNA) simplifies secure connectivity by providing seamless, per-use access to applications, no matter where the user or application may be located.
Torsten George's picture
While there is no silver bullet to prevent cybersecurity attacks, ZTNA has become a necessity for organizations on their digital transformation journey by allowing to minimize the attack surface while ensuring the productivity of remote workers.
Laurence Pitt's picture
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
John Maddison's picture
Organizations considering ZTNA should look for these three essential components as a minimum when evaluating any solution.
Gordon Lawson's picture
Current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.