Security Experts:

Security Infrastructure
long dotted


Security researchers found that SoftNAS Cloud Enterprise customers with openly exposed SoftNAS StorageCenter ports directly to the internet are vulnerable to an authenticated bypass. [Read More]
Norwegian metals and energy giant Norsk Hydro is working on restoring systems after being hit by ransomware, but the company says it does not plan on paying the hackers. [Read More]
Security services provider Cloudflare released MITMEngine and MALCOLM, two new tools that can be used for HTTPS interception detection. [Read More]
Mobile app security firm Blue Cedar raises $17 million in a Series B funding round. The money will be used to accelerate growth and enhance its platform. [Read More]
Google has released its Sandboxed API as open source to make it easier for software developers to create secure products. [Read More]
Slack launches Enterprise Key Management, an Enterprise Grid add-on feature that gives organizations total control over their encryption keys. [Read More]
Ukraine's security service believes it's prepared to prevent Russia from interfering in its upcoming election. [Read More]
Chinese e-commerce giant Gearbest exposed user data through unprotected databases. The company has downplayed the incident and blamed it on an error made by a member of its security team. [Read More]
Threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol in an attempt to bypass multi-factor authentication (MFA). [Read More]
Google informs G Suite administrators that they can now remove phone-based 2-step verification methods to further improve account security. [Read More]

FEATURES, INSIGHTS // Security Infrastructure

rss icon

Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Ashley Arbuckle's picture
Through market consolidation, organizations can derive exponentially more value from their security tools.
John Maddison's picture
While many organizations are struggling to secure their diverse, complex, and rapidly expanding networks, they are now facing a new challenge created by convergence.
Laurence Pitt's picture
As we continue to increase our dependency on communications networks and technologies to move tremendous amounts of data, we open up greater potential for serious disaster should they be compromised.
Erin O’Malley's picture
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Stan Engelbrecht's picture
Automation tools have changed the way that security teams turn information into action, with the ability to automatically search and collect threat intelligence from a variety of third-party sources.
Ashley Arbuckle's picture
Network Segmentation can prevent lateral movement and effectively improve security, and is a continuous journey that every organization should take.
John Maddison's picture
Security frameworks need to see and adapt to network changes, share and correlate threat intelligence, and respond to threats as a unified system.