Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Bishop Fox has raised more than $154 million in lifetime funding to build and market technology for continuous attack surface management. [Read More]
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
The Red Cross is seeking support to create a “digital red cross/red crescent emblem” that would make clear to military and other hackers that they have entered the computer systems of medical facilities or Red Cross offices. [Read More]
Managed detection and response provider Binary Defense Systems this week announced it has raised $36 million in its first funding round. [Read More]
CISA, the FBI, and MS-ISAC have issued a joint guide to help federal agencies reduce the likelihood and impact of DDoS attacks. [Read More]
SASE provider Versa Networks announces raising $120 million in a pre-IPO funding round. [Read More]
Apple confirms the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks. [Read More]
Corsa Security has raised $10 million to further develop its network security solution Corsa Security Orchestrator (CSO). [Read More]
FEATURES, INSIGHTS // Network Security
Linux is becoming a more popular target for attackers as it operates the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications.
Security systems can struggle to keep up when networks are in a constant state of flux—optimizing connections, redirecting workflows, adding new edges or endpoints, or scaling to meet shifting demands.
Analyzing the attack goals of adversaries is important to be able to better align defenses against the speed of changing attack techniques.
Cyber resilience is the only way to guarantee true Zero Trust. When implemented properly, resilient Zero Trust becomes a preventive measure that counteracts human error, malicious actions, and decayed, insecure software.
No matter how far you stray from having a perfect system — or how close you come to attaining one — the pursuit is always an essential and worthwhile investment of your time.
Zero Trust is not simply a product. If someone says it is, they probably either don't know what they're talking about or have watered down their marketing to the point of making it misleading.
By anonymizing their activities and assets, colleges and universities can protect people, data and applications from cyber threats at the network level by making themselves invisible.
Living-off-the-land attacks are effective because they allow attackers to hide their activities in legitimate processes and makes it harder for defenders to detect them. These tools also make attack attribution much harder.
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
While the sky just may be the limit (or actually, it may not be), when it comes to cybercriminals, three key areas where we expect to see more activity in the coming year are space, digital wallets and esports.
Get the Daily Briefing
- Removing the Barriers to Security Automation Implementation
- Apple Scraps CSAM Detection Tool for iCloud Photos
- Vulnerabilities Allow Researcher to Turn Security Products Into Wipers
- WAFs of Several Major Vendors Bypassed With Generic Attack Method
- Iranian Hackers Deliver New 'Fantasy' Wiper to Diamond Industry via Supply Chain Attack
- Lighting Giant Acuity Brands Discloses Two Data Breaches
- TikTok Hit by US Lawsuits Over Child Safety, Security Fears
- CloudSEK Blames Hack on Another Cybersecurity Company
- Pwn2Own Toronto 2022, Day 2: Smart Speaker Exploits Earn Big Chunk of $280,000 Total
- Apple Adding End-to-End Encryption to iCloud Backup
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy