Here are the top stories of recent weeks: 250 Million Customers Exposed in Microsoft Data Leak; Mitsubishi Electric Claims China is Responsible for Recent Breach; NSA Steps in to Offer Cloud Security Guidance to Businesses; London Street Pedestrians to Be…
Category: Security Boulevard
Smaller Companies Need to Step Up Their Cyber Security Efforts
Whenever we hear about major cyber security attacks such as data breaches, it’s typically larger enterprises that are the victims. That makes sense, considering those events can potentially impact a lot of people and therefore are more likely to grab…
Assessing the Dangers Caused by Cryptojacking
Cryptojacking, also known as crypto mining, is an online threat hidden on a computer or a mobile device, using its resources to mine for cryptocurrencies. While doing so, cryptojacking takes over control of all types of technical devices and considerably…
The rise of insider cybersecurity threats | Cyber Work Podcast
Irena Mroz, VP and Co-founder of Nucleus Cyber, and Cyber Work podcast host Chris Sienko discuss all things internal threats, from intentional and malicious attacks to poor employee practices and…
Survey: SMBs Plan to Embrace AI but Don’t Know the Risks
Is 2020 the year that AI technology takes hold in SMBs? According to a study from Zix-AppRiver, the answer is yes. Nearly 9 out of 10 SMBs report they have a high interest in adopting AI this year; for businesses…
Dark Web Fraud and Cybercrime with Emily Wilson
In episode 105 for January 27th 2020: What are the new forms of fraud and cybercrime being found on the Dark Web? We discuss this fascinating topic with Emily Wilson, VP of Research at Terbium Labs. ** Show notes and…
Most Popular Cybersecurity Blog Posts from 2019
2019 was quite a year in cyberspace. As highlighted last month in my year-end top story blog, the top cybersecurity theme was all about the ways that ransomware targeted state and local governments and hospitals. In fact, we are still…
XKCD ‘Networking Problems’
via the comic delivery system monikered Randall Munroe at XKCD! The post XKCD ‘Networking Problems’ appeared first on Security Boulevard.
DEF CON 27, Voting Village – Kartikeya Kandula’s ‘Unclear Ballot Automated Ballot Image Manipulation’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
DEF CON 27, Voting Village – Joseph Marks’ Panel Discussion
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Universal Directory Replacement
Learn about the requirements for a Universal Directory replacement that allows admins to employ a modern directory service for all their IT needs. The post Universal Directory Replacement appeared first on JumpCloud.
DEF CON 27, Voting Village – Panel Discussion With Kevin Collier, Kim Zetter, Eric Geller and Moderator Maggie MacAlpine – ‘What Role Can Journalists Play in Securing Elections’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Daniel Stori’s ‘To Save The DevOps World’
via Daniel Stori, crafting comics at turnoff.us. The post Daniel Stori’s ‘To Save The DevOps World’ appeared first on Security Boulevard.
DEF CON 27, Voting Village – Kate Trimble’s ‘Ideas Whose Time Has Come: CVD, SBOM And SOTA’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Ryuk Ransomware — Malware of the Month, January 2020
In the world of malware, Ryuk ransomware has gone from a rookie to a pro at a disturbing speed. Here we take a look at what Ryuk ransomware is, how it spreads, and how to protect your business from it.
Synopsys adds world-class security to Finastra’s banking app ecosystem FusionFabric.cloud
Finastra, a leading global Fintech company, has entered a partnership with the Synopsys Software Integrity Group to bring security to its app ecosystem. The post Synopsys adds world-class security to Finastra’s banking app ecosystem FusionFabric.cloud appeared first on Software Integrity…
Security Lessons from a Division 1 Football Coach
Jack Danahy, SVP, Security for Alert Logic reflects on the message and lessons shared by Coach Dan McCarney–a former Division 1 college football coach–and how those lessons can be applied to the world of cybersecurity.
XKCD ‘Solar System Changes’
via the comic delivery system monikered Randall Munroe at XKCD! The post XKCD ‘Solar System Changes’ appeared first on Security Boulevard.
Protecting Websites from Magecart and Other In-Browser Threats
The Rise of Third-Party Scripts: Modern web applications have become increasingly reliant on external code, services and vendors that execute JavaScript code in the browser… often referred to as third-party scripts. As a close-to-home example shown below, Akamai executes dozens…
Embracing Data Privacy Day
Today is Data Privacy Day, commemorating the Council of Europe Treaty known as Convention 108, the first legally binding international treaty on data protection signed on January 28, 1981. This “holiday” was originally celebrated in Europe where it is known…
DEF CON 27, Voting Village – Kimberly Young McLear PhD ‘Organizational Cybernetics: A Key To Resilience’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Forrester Study on the Benefits of Cloud vs. On-Premises AppSec
Veracode recently commissioned Forrester Consulting to conduct research on the Total Economic Impact™ of using a cloud-based application security (AppSec) solution versus an on-premises solution. To collect information on the benefits and risks associated with the solutions, Forrester interviewed four…
DEF CON 27, Voting Village – Marian Schneider’s ‘Voting Systems Are Insecure: Lets Just Vote On Phones’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Cybersecurity Trends to Watch in 2020
The only way to break the endless cycles of data breaches is to learn from the past. Businesses are best prepared to take on future cybersecurity threats when they reflect on what they’ve dealt with so far and make an…
Menlo Security Protects Organizations from Iranian Retaliation
As warfare extends to cyberspace, U.S.-based organizations can use email and web isolation to protect users from common tactics used by Iranian-backed threat actors. The post Menlo Security Protects Organizations from Iranian Retaliation appeared first on Security Boulevard.
IT Security: Detection Doesn’t Equal Protection
For too long, the sole emphasis of security vendors in the cybersecurity industry has been on detection. Once the attack has been reported to the end user, it seems the job is done. The next steps—the complex task of investigating…
Low-Intensity Conflict: Cyber, Iran’s Next Move
Iran’s next move could be one of low-intensity conflict that could have a big impact on our cyber infrastructures. The level of angst and concern of a hot-war between Iran and the United States has largely been quelled, as time…
Update Your Browser to Support TLS 1.2 and WPA2-Enterprise
Organizations should be aware of an important update to TLS. TLS 1.2 is the most recent update that builds on top of TLS 1.0 and TLS 1.1 to increase network security. Updating your browsers and OS to TLS 1.2 is…
How dormakaba maintains email security through acquisition after acquisition
Mergers and acquisitions (M&A) can stimulate growth, provide opportunities to obtain a competitive advantage, increase market share, and even consolidate supply chains to reduce overhead costs. For example, when DORMA and Kaba merged in 2015 to form dormakaba, it allowed…
5 Reasons K-12 School Districts Should Replace Active Directory
K-12 schools struggle to fit Active Directory in their mixed-platform IT environments today, but that’s not the only reason they should replace AD. The post 5 Reasons K-12 School Districts Should Replace Active Directory appeared first on JumpCloud.
WhiteHat Provides Free Vulnerability Discovery Services to Gov’t Agencies
As part of an effort to help chronically underfunded government agencies combat state-sponsored cyberattacks, WhiteHat Security, a unit of NTT, has decided to offer free of charge two services it provides for discovering vulnerabilities before and after application code is…
Microsoft Leaks 250M Customer Details in Azure Fat-Finger Faux Pas
A Microsoft customer support database was discovered by researchers, open to the public internet. No encryption, no passwords, no nothin’. The post Microsoft Leaks 250M Customer Details in Azure Fat-Finger Faux Pas appeared first on Security Boulevard.
The Joy of Tech® ‘The Fine Print On Apple’s Privacy’
via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®. The post The Joy of Tech® ‘The Fine Print On Apple’s Privacy’ appeared first on Security Boulevard.
How to Protect Your Business from Ransomware
After a series of ransomware attacks hit cities last year, finally some good news: Las Vegas was able to stop a ransomware cyber-attack in its tracks. When the cyber-attack was detected, the city responded by taking down its computer network…
DECEMBER 2019 AppSec Intelligence Report
This report summarizes Contrast Labs’ analysis of real world application attack and vulnerability data from December 2019. By providing continuous insight and detection from inside applications, Contrast can identify and trend the way that attackers pursue applications and combine that…
Glass Class: Finding Shadow IT
What can help you find what needs protecting in the crowded sea of apps going through your network? Shadow IT Discovery has the answer, with solutions that offer ease of use and visibility into the vulnerabilities present throughout your…
StackRox on security for Google Anthos
Today we shared the news that StackRox supports the Anthos platform (download joint solution brief), extending the reach of our hybrid and multicloud security approach. Anthos and the StackRox Kubernetes Security Platform share a lot of common principles in delivering…
5 Ways to Prevent Data Leakage
Define your data leakage prevention (DLP) policies to weigh convenience against caution, and prioritize security when sharing, monitoring and managing information. Data leakage is defined as unintentional or unauthorized transfer of sensitive information to unsanctioned outsiders. In our hyper-connected world,…
Cybersecurity Process Issues Will Dominate 2020
More money than ever is being allocated to cybersecurity, yet the biggest issue most organizations will face in 2020 will be aligning cybersecurity and IT operations processes rather than mastering an individual technology. A recent survey of 400 IT leaders…
Facebookery: New Year, Same Missteps
via the inimitable Kate Cox – reporting at ArsTechnica of the most egregious political missteps by Mark Zuckerberg & Company. Carry-on, nothing to see here… ‘Following months of criticism for its decision to allow candidates for political office to tell…
Using Push Notifications for MFA
As more organizations adopt multi-factor authentication policies, many want to know the benefits of using push notifications for MFA. The post Using Push Notifications for MFA appeared first on JumpCloud.
DEF CON 27, Voting Village – Sherri Ramsay’s ‘2020 Ready Or Not’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Salaryman’
via Luke Kingma and Lou Patrick-Mackay at Futurism Cartoons. The post Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Salaryman’ appeared first on Security Boulevard.
DEF CON 27, Voting Village – Tod Beardsley’s ‘Securing Voting Systems Beyond Paper Ballots’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
What is a Package Dependency Manager?
This is an excerpt from Out of the Wild: A Beginner’s Guide to Package and Dependency Management, a Sonatype Guide. This is the first of three installments. The post What is a Package Dependency Manager? appeared first on Security Boulevard. …
Active Directory for Small Businesses
With Microsoft struggling to maintain dominance over IT infrastructure, admins are questioning whether AD is still the choice for small businesses. The post Active Directory for Small Businesses appeared first on JumpCloud.
Managing risks according to Clause 6 of ISO 27001
Clause 6 of ISO 27001 is one of the most important aspects for compliance, as it covers the actions you must take to address information security risks. Everything else you do to meet the Standard’s requirements informs or revolves around…
IntelliGO Acquired by ActZero
It’s not often we get to make an announcement quite this exciting: IntelliGO Networks has been acquired by ActZero, a Palo Alto-based artificial intelligence company! You can check out the press release here. This partnership means incredible things for our…
The 5 Most Essential Third-Party Cyber Risk Assessment Tools
Cybersecurity and compliance professionals agree that third-party cyber risk management is vital to organizations. Without having the right security policies and procedures in place, your organization could be vulnerable to a third-party cyberattack. This could spell disaster, both in terms…
5 Ways to Get the Most From Your PAM Program
As awareness around privileged access management builds, enterprises should also put thought into architecting an effective PAM program with a risk-based approach. While privileged access management (PAM) has garnered significant attention in recent years, a few challenges still persist that…
DevOps Chats: Security for Developers, With ShiftLeft
DevSecOps has become a real thing over the last few years. The big shift has been making security tools that developers can use. ShiftLeft has been one of the leaders in this movement, recognizing that security had to shift left…
Thirty-four years in IT – The Application That Almost Broke Me (Part 9)
The last half of 2011 was for me and my team a really, really tough time. As I hinted to in this post, by August 2011 we were buried in Oracle 11 & application performance problems. By the time we were…
The Role PCI-DSS Plays in Security
If your business accepts credit card payments, then you need to comply with PCI-DSS standards. PCI-DSS stands for Payment Card Industry Data Security Standard. These are sets of rules established to protect against credit card fraud, hacking, and other security…
Unlocking the Key to the Cloud
Managing keys to assets and data in cloud deployments has become a key concern for many organizations. As explained by Kenneth Hui, a Solutions Architect at Rubrik, paraphrasing Kerckhoffs Principle, poor key management is “like having a state of the…
Morphisec Protects Customers Against Internet Explorer Scripting Zero Day
Recently, news came out about a vulnerability (CVE-2020-0674) in Microsoft’s Internet Explorer scripting engine based on how the browser handles memory. More specifically, within the JScript component of the scripting engine is an unspecified memory corruption vulnerability. What this means…
DEF CON 27, Aviation Village, Zoltan Madarassy’s ‘Behind The Scenes Of Hacking Airplanes’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
More On ISOC’s .ORG Sale
via El Reg’s Kieren McCarthy – reporting from San Francisco – CA, comes an excoriating analysis of the corrupt sale of the TLD commonly known as .ORG*, and actions thereabouts. Read it and weep for your Interwebs. ‘Let’s check in…
The Joy of Tech® ‘Happy To See You’
via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®. The post The Joy of Tech® ‘Happy To See You’ appeared first on Security Boulevard.
When CISOs Lose Their Jobs…
In his recent CSO Online article, 7 Security Incidents That Cost CISOs Their Jobs, writer Dan Swinhoe looks at some of the most high profile breaches in recent history that resulted in the CISO either leaving or being fired. In…
Staying CCPA Compliant with MixMode’s Unsupervised AI
Companies are expected to spend up to $55 billion dollars on efforts to comply with the California Consumer Privacy Act (CCPA), which is still working out its final rules after going into effect this month.
HITRUST & PASSWORDS: 7 Important Password Policies for HITRUST
Our recommended healthcare password policies that complement and support HITRUST. Since its founding in 2007, HITRUST (Health Information Trust Alliance) champions programs that safeguard sensitive information and manage information risk for global organizations across all industries. HITRUST works with privacy,…
Davos 2020 World Economic Forum 2020 Global Risk Report Cyber Cliffs Notes
Each year the World Economic Forum releases their Global Risk Report around the time of the annual Davos conference. This year’s report is out and below are notes on the “cyber” content to help others speed-read through those sections (in…
Security Compass CEO Sets DevSecOps Strategy
Security Compass, a provider of tools for streamlining risk analysis, has appointed Rohit Sethi to be its CEO after receiving additional funding from FTV Capital. Security Compass founder and previous CEO Nish Balla will remain on the board of directors.…
Cloud, a Year in Review and Looking Forward
The post Cloud, a Year in Review and Looking Forward appeared first on CCSI. The post Cloud, a Year in Review and Looking Forward appeared first on Security Boulevard.
Best Practices in Database Security Planning
As the volume of enterprise data grows, database security is becoming more challenging than ever before. According to IDC, the volume of data worldwide will increase tenfold to 163 zettabytes by 2025, with most of that being created and managed…
Who Should the CISO Report To in 2020?
The debate over who the CISO should report to is a hot topic among security professionals, and that shows no sign of changing soon. That’s because there is still no standard or clear-cut answer. Ask CISOs themselves for their opinion,…
Understanding Policies: BitLocker and FileVault 2
The JumpCloud BitLocker and FileVault 2 Policies are key for enforcing FDE at scale across an organization’s Windows and Mac fleets. The post Understanding Policies: BitLocker and FileVault 2 appeared first on JumpCloud.
2020 And Beyond: Idaptive’s Predictions and Expectations for the New Decade
Our predictions and expectations - Zero Trust, artificial intelligence and machine learning driven identity security, and password-less authentication are coming with the dawn of the new decade. The close of a year is a natural time for reflection, and when it…
DEF CON 27, Aviation Village, Art Manion’s ‘Ideas Whose Time Has Come CVD SBOM And SOTA’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
XKCD ‘Unsubscribe Message’
via the comic delivery system monikered Randall Munroe at XKCD! The post XKCD ‘Unsubscribe Message’ appeared first on Security Boulevard.
Keep Telnet Off the Internet – Here’s Why
There are countless devices on the internet with open Telnet ports—at least 515,000 of them have easily-guessable username/password combos. The post Keep Telnet Off the Internet – Here’s Why appeared first on Security Boulevard.
3 Tips to Prevent Brute-Force Attacks on RDP Ports
If you have to expose your Windows RDP ports to the internet, follow these 3 tips to safeguard them from brute-force attacks. The post 3 Tips to Prevent Brute-Force Attacks on RDP Ports appeared first on JumpCloud.
GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment
Cyberattacks are becoming more prevalent, and their effects are becoming more disastrous. To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Cyber insurance, like other forms of business insurance,…
IT Teams Need More Than Password Managers
IT departments need more than a password manager to keep them—and a company’s data—safe from cyberthreats. All companies today are, to some extent, dependent on technology and the IT teams driving their systems and security in the background. These IT…
Security Pros Offer Best Bangs for 2020 Budget
How best to utilize your 2020 security budget? Here are a few recommendations from those in the know. The new year is a chance for a fresh start, and for many organizations, that fresh start comes with a new budget…
DEF CON 27, Aviation Village, Dr. Will Roper’s and Jack Cable’s ‘Hacking The Air Force And Beyond’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘Exclusively’
via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Haas at Little Bobby Comics. The post Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘Exclusively’ appeared first on Security Boulevard.
DEF CON 27, Aviation Village, Harshad Sathaye’s ‘Wireless Attacks On Aircraft ILS’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
Patch or Mitigate Dangerous Microsoft Windows CryptoAPI Spoofing Vulnerability ASAP
Qualys is a sponsor of TechSpective. Microsoft kicked off the new decade with a bang. Last Tuesday was the first Microsoft Patch Tuesday of 2020, and one of the patches pushed out by Microsoft addresses a dangerous flaw in Crypt32.dll…
DEF CON 27, Aviation Village, Karl Koscher’s ‘An Introduction To The ARINC Standards’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
DEF CON 27, Aviation Village, Ken’s and Alex’s ‘A Hackers First Solo: Airplane Avionics Security 101’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
XKCD ‘Bad Map Projection: South America’
via the comic delivery system monikered Randall Munroe at XKCD! The post XKCD ‘Bad Map Projection: South America’ appeared first on Security Boulevard.
Why IAM is a Must-Have in a Recession
IT departments are responsible for adapting to the changes a recession brings, which often involve heavy reliance on IAM tools. The post Why IAM is a Must-Have in a Recession appeared first on JumpCloud.
BBP: My Path to the CISO Chair
Testing, testing. May I have your attention, please. *Ahem* Allow me to introduce myself and this new series of articles for The Ethical Hacker Network. My name is Stephanie, better known as Steph or InfoSteph in the community. I have…
The Joy of Tech® ‘Trump: Step up Apple!’
via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®. The post The Joy of Tech® ‘Trump: Step up Apple!’ appeared first on Security Boulevard.
Oracle Spews 334 Patches, Many Critical. You Know the Drill
Next up: Oracle’s latest quarterly patch batch. Hundreds of separate bugs squashed, many extremely serious. The post Oracle Spews 334 Patches, Many Critical. You Know the Drill appeared first on Security Boulevard.
NIST Publishes Privacy Framework
The National Institute of Standards and Technology, an arm of the U.S. Department of Commerce, has published version 1.0 of a privacy framework to help organizations think through the process of securing personal data. The NIST privacy framework consists of…
Equifax Ordered to Spend $1 Billion on Data Security
Credit reporting agency Equifax continues to pay through the nose after the mega breach it suffered in 2017 resulted in the leak of 147 million customer records and the firing of three executives.
Compliance and Privacy in the GDPR Era
In the age of GDPR and CCPA, there seems to be more conjecture about compliance and personal privacy than there is about the weather. It’s understandable, as predicting the conditions outside seems a lot easier than devising and implementing an…
Clop Ransomware Not Just a CryptoMix Variant
When Clop was discovered by Jakub Kroustek in February 2019, all indicators showed that it was a new CryptoMix with the .CLOP, or in some circumstances .CIOP, extension tagged onto encrypted files. Since this discovery, the ransomware operators behind Clop…
ISO 27701: The New International Privacy Standard to Demonstrate Compliance with Privacy Laws
In August 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released a new privacy standard set to become the benchmark for helping organizations comply with international privacy frameworks and laws. ISO/IEC 27701:2019 serves as a…
Iranian Retaliatory Cyber Threats Are a Reminder of the Importance of Sound Incident Response
As if security operations professionals don’t have enough on their plates, they can add a new geo-political event — the… The post Iranian Retaliatory Cyber Threats Are a Reminder of the Importance of Sound Incident Response appeared first on Siemplify.…
How Next-Gen WAF Empowers the DevOps Lifecycle
Signal Sciences next-gen WAF can send and receive data to and from a wide range of security and DevOps tools via our API and integrations with various infrastructure and security tooling. The layer 7 telemetry we gather from inspecting and…
What’s New in Tufin Policy Orchestration Suite R19-3
We are excited to welcome 2020 with the release of Tufin Orchestration Suite 19-3 with new features and enhancements, including greater support of our customers’ Software-Defined Networking (SDN) initiatives, whether they implemented Cisco Application Centric Infrastructure (ACI) or VMware NSX-T…
Forbrukerrådet: New Study’s Conclusion – The Advertising Industry Are Law Breakers On A Massive Scale
Outstanding reports – via Norwegian Forbrukerrådet detailing the systematic criminal behavior exhibited by Advertising Entities and their Ilk, with the resultant agglomeration of data which permits them to collect and store an ever increasing and exponentially egregious compendiums of personal…
2019 in Review: Data Breach Statistics and Trends
What were the most significant data breaches in 2019? Will ransomware still be a threat in 2020? (Spoiler alert: It’s forecast to be worse than ever.) Which industries were attacked most? * We have put together a shortlist of overview…
XKCD ‘Tattoo Ideas’
via the comic delivery system monikered Randall Munroe at XKCD! The post XKCD ‘Tattoo Ideas’ appeared first on Security Boulevard.
DEF CON 27, Appsec Village, Anthony “karver” Kava’s ‘How Bad Could It Be?’ ‘Inside Law Enforcement And Local.Gov Appsec”
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.
5 Cybersecurity Threats That Will Dominate 2020
At MixMode, we can’t help but imagine the flip side of all that potential. An increasingly connected cyber landscape means an increased number of potential targets for bad actors. New tech is exciting, but it’s often inherently vulnerable to cyberattacks.…
DEF CON 27, Appsec Village, Guy Barnhart Magen’s ‘Crypto Failures And How To Avoid Them’
Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.