Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Danish wind turbine manufacturer confirms a cyber attack has impacted parts of internal internal IT infrastructure and that data has been compromised. [Read More]
The newly discovered Android banking trojan targets international banks and five different cryptocurrency services. [Read More]
Microsoft's threat hunters have caught Iranian threat actors breaking into IT services shops in India and Israel and stealing credentials for downstream software supply chain attacks. [Read More]
Start-up tokenization firm introduces a solution to the Right to be Forgotten (RTBF) problem inherent in new data protection and privacy legislation. [Read More]
Public cloud data protection provider Laminar has emerged from stealth with $32 million in Series A funding led by Insight Partners. [Read More]
Google paid roughly $60,000 in bug bounty rewards to the external security researchers reporting high-severity vulnerabilities in Chrome. [Read More]
Mandiant researchers says narratives used in the Ghostwriter information operations campaign are aligned with Belarusian government interests, suggesting at least partial involvement. [Read More]
Researchers showcase new attack that relies on non-uniform and frequency-based Rowhammer access patterns to bypass Target Row Refresh (TRR) on DDR4 DRAM. [Read More]
Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. [Read More]
Redmond says the evasive malware delivery method is being leveraged in attacks to deliver remote access Trojans (RATs), banking malware, and other malicious payloads. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.
Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?