Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Israeli startup Opus Security has banked $10 million in seed round funding to build technology for cloud security orchestration and remediation. [Read More]
Apple acknowledged the macOS zero-days in an advisory but did not share technical details or indicators of compromise to help defenders hunt for signs of infections. [Read More]
The new sanctions designate Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for engaging in cyber-enabled activities against the United States and its allies. [Read More]
Microsoft security teams share details on ransomware attacks linked to DEV-0270, a subgroup of Iran-linked Phosphorus. [Read More]
Microsoft has identified four Iranian hacking groups that participated in a July 2022 cyberattack targeting the Albanian government. [Read More]
The U.S. government's CISA, NSA, and ODNI have released the first part of a three-part joint guidance series on securing the software supply chain. [Read More]
The latest funding was led by CIBC Innovation Banking and brings the total raised by the Maryland start-up to $100 million. [Read More]
Security researchers at Rapid7 discover multiple vulnerabilities in Sigma Spectrum infusion pump battery units, including the storing of WiFi credentials on non-volatile memory. [Read More]
Forty-one cybersecurity-related M&A deals were announced in August 2022. [Read More]
Zyxel has released patches for a format string vulnerability impacting the firmware of multiple NAS device models. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Marie Hattar's picture
No matter how far you stray from having a perfect system — or how close you come to attaining one — the pursuit is always an essential and worthwhile investment of your time.
John Maddison's picture
Zero Trust is not simply a product. If someone says it is, they probably either don't know what they're talking about or have watered down their marketing to the point of making it misleading.
Gordon Lawson's picture
By anonymizing their activities and assets, colleges and universities can protect people, data and applications from cyber threats at the network level by making themselves invisible.
Derek Manky's picture
Living-off-the-land attacks are effective because they allow attackers to hide their activities in legitimate processes and makes it harder for defenders to detect them. These tools also make attack attribution much harder.
Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Derek Manky's picture
While the sky just may be the limit (or actually, it may not be), when it comes to cybercriminals, three key areas where we expect to see more activity in the coming year are space, digital wallets and esports.
John Maddison's picture
Security must be as agile as today's workforce, ensuring consistent protection and optimal user experience regardless of where a user or device operates.
Marie Hattar's picture
In order to deliver on the promise of 5G, we need new industry standards for security, testing, and training to proactively combat 5G cyber threats and minimize risks.
Gordon Lawson's picture
For red teams, using an obfuscated network for testing offers the advantage of hiding who is performing the attack and where it is originating, for a more real-life context
John Maddison's picture
Recent changes have resulted in a proliferation of devices and users working from anywhere, which has expanded the digital attack surface and exposed more applications, devices, data, and users to risk.