Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Researchers say a UK-based document printing and binding company leaked hundreds of gigabytes of information, including sensitive military documents, via an unprotected AWS server. [Read More]
SecurityWeek analyzes the first major updates to NIST SP 800-53 in seven years, with expanded safeguards for protecting system security and privacy. [Read More]
NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes. [Read More]
Researchers say two connected financial services companies have exposed over 500,000 sensitive legal and financial documents. [Read More]
Thales, Telstra, Microsoft, and Arduino this week announced a partnership aimed at enabling the secure connection of IoT devices to the cloud. [Read More]
Axis Security, a company that specializes in private application access, has emerged from stealth mode with $17 million in funding. [Read More]
Hellman & Friedman has agreed to acquire a majority interest in Checkmarx from Insight Partners in a deal valuing the company at $1.15 billion. [Read More]
Researchers have discovered 16 types of vulnerabilities, including many backdoors, in Zyxel’s CloudCNM SecuManager network management software. [Read More]
Senators this week introduced a bill aimed at banning the use of the China-made TikTok application on government devices. [Read More]
Google has released a new tool designed to identify potential USB keystroke injection attacks and block devices they originate from. [Read More]
- 1 of 436
- ››
FEATURES, INSIGHTS // Security Infrastructure
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
It’s up to humans, guided by instinct, intelligence and experience, to determine the right data, so they can focus on what matters to the organization, make better decisions and take the right actions.
Many organizations are not aware that their network sensors are improperly or inefficiently deployed because they do not have a full understanding of how to act on the network traffic being collected.
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
A security platform is much more than just wrapping a collection of security tools together into a single bundle and then adding some sort of a shell script so independent management tools appear to be part of a congruent solution.
If there’s one thing you can be sure of about user authentication methods today, it’s that determining the best choice isn’t as simple or straightforward as it used to be.
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Physical and virtual security appliances traditionally suffer from performance challenges, especially when it comes to critical functions such as inspecting encrypted traffic.
As the technology and tools to leverage stolen credentials advance, defenders should seek out innovative new ways to proactively flag exposed passwords leveraging insights gleaned from illicit communities and open-web dumps.
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
- 1 of 104
- ››
Subscribe to the Daily Briefing
- Privacy Rights May Become Next Victim of Killer Pandemic
- Europol: Criminals Exploit Virus Crisis as Fresh Opportunity
- Google Sees Drop in Government-Backed Phishing Attempts
- Russian Hackers Exploited Windows Flaws in Attacks on European Firms
- Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak
- GitHub Paid Out Over $1 Million in Bug Bounties
- Websites of U.S. Presidential Candidates Pose Security, Privacy Risks
- Unofficial Patches Released for Exploited Windows Font Processing Flaws
- No Patch for VPN Bypass Flaw Discovered in iOS
- Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits
Copyright © 2020 Wired Business Media. All Rights Reserved. Privacy Policy