Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Adobe ships patches for at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems are at risk of remote code execution attacks [Read More]
Israeli venture capital outfit YL Ventures plans to invest in seed-stage rounds of approximately 10 cybersecurity startups at a pace of 3 startups per year [Read More]
Microsoft launched new managed services styled as a combination of technologies, threat intelligence and skilled personnel to help businesses hunt for signs of compromise or outsource the handling of detection and response incidents. [Read More]
By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection. [Read More]
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies. [Read More]
Threat hunters at Kaspersky find a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system. [Read More]
Hubble Technology banks $9 million in venture capital funding to build an “agentless technology asset visibility” aimed at disrupting the asset management space. [Read More]
Cisco has issued another warning over the use of counterfeit switches, advising customers to update the software on devices before they are onboarded. [Read More]
Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021." [Read More]
Endpoint visibility technology vendor Fleet attracted $20 million in new funding at a valuation in the range of $100 million. [Read More]
- 1 of 200
- ››
FEATURES, INSIGHTS // Network Security
Linux is becoming a more popular target for attackers as it operates the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications.
Security systems can struggle to keep up when networks are in a constant state of flux—optimizing connections, redirecting workflows, adding new edges or endpoints, or scaling to meet shifting demands.
Analyzing the attack goals of adversaries is important to be able to better align defenses against the speed of changing attack techniques.
Cyber resilience is the only way to guarantee true Zero Trust. When implemented properly, resilient Zero Trust becomes a preventive measure that counteracts human error, malicious actions, and decayed, insecure software.
No matter how far you stray from having a perfect system — or how close you come to attaining one — the pursuit is always an essential and worthwhile investment of your time.
Zero Trust is not simply a product. If someone says it is, they probably either don't know what they're talking about or have watered down their marketing to the point of making it misleading.
By anonymizing their activities and assets, colleges and universities can protect people, data and applications from cyber threats at the network level by making themselves invisible.
Living-off-the-land attacks are effective because they allow attackers to hide their activities in legitimate processes and makes it harder for defenders to detect them. These tools also make attack attribution much harder.
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
While the sky just may be the limit (or actually, it may not be), when it comes to cybercriminals, three key areas where we expect to see more activity in the coming year are space, digital wallets and esports.
- 1 of 55
- ››
Get the Daily Briefing
- Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data
- US Government Says North Korean IT Workers Enable DPRK Hacking Operations
- Now Live: SecurityWeek Threat Intelligence Summit Virtual Event
- The Vulnerable Maritime Supply Chain - a Threat to the Global Economy
- National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques
- Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver
- Carlyle to Acquire Defense Contractor ManTech in $4.2 Billion Deal
- NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver
- Large-Scale Attack Targeting Tatsu Builder WordPress Plugin
- New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy