Security Experts:

Security Infrastructure
long dotted

NEWS & INDUSTRY UPDATES

Russia-linked hackers leaked private correspondence between International Olympic Committee officials in response to Russia being banned from the Pyeongchang 2018 Winter Games [Read More]
Free and open Certificate Authority (CA) Let’s Encrypt on Tuesday disabled TLS-SNI-01 validation after learning that users could abuse it to obtain certificates for domains they do not own. [Read More]
Apple updates iOS, macOS and Safari to mitigate the effects of the CPU vulnerabilities behind the Spectre attack. Meltdown mitigated before disclosure [Read More]
Firmware updates released by Western Digital for its MyCloud family of devices address a series of security issues, including a hardcoded backdoor admin account. [Read More]
Several vulnerabilities found and patched in some Dell EMC data protection products. Some VMware products are also impacted [Read More]
Microsoft Word's subDoc feature that allows for the loading of sub-documents from a master document can be abused by attackers to steal a user’s credentials, Rhino Security Labs reveals. [Read More]
What really excites McAfee SVP and CTO Steve Grobman about the Skyhigh acquisition is the ability to combine and integrate visibility into cloud threats with McAfee's existing visibility into on-premise threats. [Read More]
Intel has started releasing software and firmware updates to protect devices against Meltdown and Spectre attacks. Updates expected for most CPUs by the end of next week [Read More]
Researchers found that Google Apps Script could have been exploited by hackers to automate malware downloads [Read More]
Microsoft, Amazon, ARM, Google, Apple and others have addressed the Meltdown and Spectre vulnerabilities affecting CPUs [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

John Maddison's picture
Cybercriminals have begun to leverage automation and machine learning in their attack tactics, techniques, and procedures (TTP).
Justin Fier's picture
Organizations still using the legacy approaches from a year ago to five years ago are consistently outpaced and forced to play catch-up.
Travis Greene's picture
There are serious challenges to enabling true hybrid choice, covering mainframe, distributed, virtual, private and public cloud environments.
Marc Solomon's picture
It is important to have a prioritized list of vulnerabilities based on the threats to your organization; this list will be different for each company based on their environment and risk profile.
Scott Simkin's picture
A machine learning system needs to be trained, and it cannot be trained without a large amount of previous data and intelligence.
Lance Cottrell's picture
Passive Information Leakage (PIL) is one of the least known and most difficult forms of data lost to prevent, and is little understood, primarily because it cannot be addressed through conventional security practices.
Joshua Goldfarb's picture
Security teams have given up on building their workflow around a small number of “silver bullets” that claim to solve most of their problems
Dan Cornell's picture
As you start to get an idea of what your application portfolio looks like, you then need to start determining the specific risks that applications can expose your organization to.
Josh Lefkowitz's picture
It’s crucial to recognize that 2018 will very likely be yet another year of increasingly complex and damaging threats and incidents, which is why we must always build upon and further enhance our intelligence strategies.
Steven Grossman's picture
The challenge of data protection is not going away. Even without the ever-improving tactics of the bad guys, data sprawl has made it difficult for those just trying to do their jobs.