Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

A security flaw in Intel's Advanced Management Technology (AMT) technology can be abused with less than a minute of physical access to the device to gain full remote acces. [Read More]
Senators, Elizabeth Warren, D-Mass., and Mark Warner, D-Va, introduced a bill that would provide the Federal Trade Commission (FTC) with punitive powers over the credit reporting industry. [Read More]
Russia-linked hackers leaked private correspondence between International Olympic Committee officials in response to Russia being banned from the Pyeongchang 2018 Winter Games [Read More]
Free and open Certificate Authority (CA) Let’s Encrypt on Tuesday disabled TLS-SNI-01 validation after learning that users could abuse it to obtain certificates for domains they do not own. [Read More]
Apple updates iOS, macOS and Safari to mitigate the effects of the CPU vulnerabilities behind the Spectre attack. Meltdown mitigated before disclosure [Read More]
Firmware updates released by Western Digital for its MyCloud family of devices address a series of security issues, including a hardcoded backdoor admin account. [Read More]
Several vulnerabilities found and patched in some Dell EMC data protection products. Some VMware products are also impacted [Read More]
Microsoft Word's subDoc feature that allows for the loading of sub-documents from a master document can be abused by attackers to steal a user’s credentials, Rhino Security Labs reveals. [Read More]
What really excites McAfee SVP and CTO Steve Grobman about the Skyhigh acquisition is the ability to combine and integrate visibility into cloud threats with McAfee's existing visibility into on-premise threats. [Read More]
Intel has started releasing software and firmware updates to protect devices against Meltdown and Spectre attacks. Updates expected for most CPUs by the end of next week [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Marc Solomon's picture
You need to increase the level of personalization to maximize the impact of threat data on your security operations and more effectively and efficiently protect your organization. There are several sources you can turn to.
Joshua Goldfarb's picture
There are far too many cybersecurity entrepreneurs who simply chase after the hot topic of the day and not working to solve the problems of tomorrow.
Travis Greene's picture
Maintaining consistent security controls across the entire hybrid IT environment is growing increasingly complex as more cloud services are adopted.
Scott Simkin's picture
While it's not possible to put a physical firewall in the cloud, security professionals must apply the same rigor to secure the cloud as they would the network or the endpoint.
Erin O’Malley's picture
Detecting compromises requires monitoring a series of activities over time. Unfortunately, most security tools only have visibility into a certain set of activities and cannot see and comprehend the entire kill chain.
Marc Solomon's picture
There’s no reason that 2018 should be another year where attackers continue to successfully exploit the known.
Alan Cohen's picture
While the overwhelming array of choices has given technologists a lot to evaluate, they have not gone far enough to lower the actual security risk facing organizations.
Joshua Goldfarb's picture
Many organizations seem to focus almost entirely on technological solutions to tactical problems, rather than on strategically addressing how they can best and most efficiently protect data.
Marie Hattar's picture
Without visibility, your security teams are more likely to over or under invest in your company’s security infrastructure. That is a big risk to take.
John Maddison's picture
Cybercriminals have begun to leverage automation and machine learning in their attack tactics, techniques, and procedures (TTP).