2,322 articles · page 29 of 47
Security Boulevard, Tuesday, July 16th, 2024
63% of organizations suffered cyberattacks due to unpatched vulnerabilities, highlighting a critical issue. However, top-tier companies consistently maintain superior security. How do they do it? Their advantage lies in a robust vulnerability management strategy, anchored by a well-defined vulnerability management lifecycle (VML).
more →
CSO Online, Monday, July 15th, 2024
Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware. This list, though not comprehensive, presents the most significant CPU and DRAM threats.
more →
HelpNet Security, Monday, July 15th, 2024
AuditBoard launched out-of-the-box (OOTB) self-assessment tools that enable internal auditors to easily assess and streamline conformance with the new Institute of Internal Auditors (IIA) Global Internal Audit Standards ('Standards') that go into effect January 9th, 2025.
more →
Security Boulevard, Monday, July 15th, 2024
Phishing attacks are becoming increasingly sophisticated, and the latest attack strategy targeting employees highlights this evolution.
more → SecurityIntelligence, Monday, July 15th, 2024
Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when.
more →
Security Boulevard, Friday, July 12th, 2024
Data protection is a top concern for businesses both large and small, and that's where NIST comes in. NIST, or the National Institute of Standards and Technology, provides a framework to help organizations manage and reduce cyber risk.
more → Security Boulevard, Friday, July 12th, 2024
Certificate Lifecycle Management (CLM) involves discovering, issuing, renewing, and revoking digital certificates, crucial for enterprise cybersecurity. Key pillars: Discover, Deploy, Revoke and Replace, Renew, Integration.
more → ComputerWorld, Thursday, July 11th, 2024
UEM has emerged as the next step in the development of enterprise mobility software, offering better management of a wider range of devices. By extending EMM capabilities to laptops and desktops, UEM tools helped enterprises make the quick move to remote work.
more →
HelpNet Security, Thursday, July 11th, 2024
In this Help Net Security interview, Chaim Mazal, Chief Security Officer at Gigamon, discusses cybersecurity preparedness measures for businesses, the impact of international inconsistencies on global operations, and the board's role in cybersecurity.
more → Gestalt IT, Thursday, July 11th, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive guide to bolster operational security (OPSEC) for election officials. This guide aims to enhance the security of election infrastructure by offering detailed strategies for identifying and mitigating potential risks within the election context. This and more on The Rundown.
more →
CSO Online, Thursday, July 11th, 2024
Spending sprees, acquisitions, siloed departments, and escalating security concerns have many CISOs drowning in security solutions. Here's how to rein in the tool sprawl and ensure enhanced security as you streamline your security stack.
more → SC Media, Wednesday, July 10th, 2024
There are many significant challenges in cybersecurity -- perhaps none bigger than improving software security through more secure design and development.
more →
DARKReading, Tuesday, July 9th, 2024
In an era where cybersecurity threats are becoming increasingly sophisticated, understanding the dynamics of Security Operations Centers (SOCs) is more critical than ever.
more →
Security Boulevard, Monday, July 8th, 2024
The Cybersecurity Maturity Model Certification (CMMC) is a crucial program for defense contractors. CMMC Level 2, referred to as Advanced, applies to the 80,000 organizations that handle Controlled Unclassified Information (CUI).
more → Security Boulevard, Monday, July 8th, 2024
Software security is key to the online world's survival. Collaborative efforts of cybersecurity professionals and volunteers have come together to create the OWASP web security testing guide. Malicious actors constantly threaten web applications, the backbone of many businesses. OWASP penetration testing is crucial for identifying and addressing these security vulnerabilities.
more → Security Boulevard, Monday, July 8th, 2024
In episode 337, we cover 'broken' news about the new SSH vulnerability 'regreSSHion' highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications.
more → SC Media, Friday, July 5th, 2024
One-time passwords (OTPs) are everywhere - we have all experienced them in our daily lives.
more → WeSecureApp, Thursday, July 4th, 2024
It's 3 am. Your phone screams. Hackers are in your system. Panic sets in. But wait! Your Blue Team has been sharpening its skills, thanks to the relentless challenges posed by the Red Team. Red Team vs Blue Team isn't just an exercise; it's a strategic advantage.
more →
Security Boulevard, Thursday, July 4th, 2024
With cybersecurity threats on the rise, it's harder than ever for organizations to adequately protect themselves, especially since any device connected to the internet poses a security risk.
more → Security Boulevard, Wednesday, July 3rd, 2024
Have you ever gotten that sinking feeling that your personal information might be out in the open? At WeSecureApp we monitor several major breaches that occurred this month, exposing a wide range of data from financial information to phone numbers.
more → APONO, Wednesday, July 3rd, 2024
As businesses continue to expand their reliance on cloud security and privileged access management, the imperative to implement least privilege access in a manner both effective and efficient cannot be overstated.
more →
ITPro, Monday, July 1st, 2024
Researchers have uncovered the first security flaw affecting OpenSSH in almost two decades, and it's a big one - here's what you need to know
more →
scytale, Monday, July 1st, 2024
The General Data Protection Regulation (GDPR) is a comprehensive data privacy law enacted by the European Union (EU) to protect the personal data of EU citizens and residents.
more →
Analytics Insight, Monday, July 1st, 2024
Scaling Your SOC: Conquering 7 Major Challenges with Comprehensive and Effective Strategies
more →
Medium, Monday, July 1st, 2024
A Security Engineering Commentary from industry insider Rohan Bafna , SecOps Engineer.
more →
DARK Reading, Monday, July 1st, 2024
To be effective, managing risk demands both fast responses and strategic thinking.
more → opensourceforu, Thursday, June 27th, 2024
Traditional and off-the-shelf security tools for the cloud may lull organisations into a false sense of being safe from cyber threats. This first article in the two-part series explains why organisations must develop an 'enterprise cloud security governance strategy'.
more →
descope, Thursday, June 27th, 2024
With most businesses now having a digital presence, user identity is the new battleground for cybercriminals.
more →
Gigacom, Wednesday, June 26th, 2024
In an age where cyber threats are growing exponentially, traditional security measures are no longer sufficient. At RSAC 2024, Cisco's Jeetu Patel and Tom Gillis made a compelling case for the transformative power of AI in cybersecurity during their keynote presentation, 'The Time is Now: Redefining Security in the Age of AI.' Their insights provide a roadmap for how AI can enhance cybersecurity, moving defenses from reactive to proactive.
more →
ITProToday, Wednesday, June 26th, 2024
Passwords are still criminally insecure and can be cracked or guessed by hackers with ease, but what precautions can you take to avoid getting breached?
more → CSO Online, Wednesday, June 26th, 2024
Top IT security execs are rising in prominence, increasing their business acumen, and branching into new arenas, as they become the company's key purveyor of trust.
more → techradar.com, Tuesday, June 25th, 2024
The necessity of a multi-faceted approach
more →
Gupta Deepak, Monday, June 24th, 2024
Say goodbye to passwords! Passkeys are the next generation of authentication, offering enhanced security and convenience. Learn how passkeys work, their benefits over passwords, and why they are the future of secure online access.
more →
HelpNet Security, Monday, June 24th, 2024
Organizations continue to struggle in detecting breaches as they become more targeted and sophisticated, with more than 1 out of 3 organizations citing their existing security tools were unable to detect breaches when they occur, according to Gigamon.
more → theCUBEresearch, Saturday, June 22nd, 2024
As customers try to 'get AI right,' the need to rationalize siloed data becomes increasingly important. Data practitioners could put all their data eggs into a single platform basket, but that's proving impractical.
more →
CYPHERE, Tuesday, June 18th, 2024
The Payment Card Industry Data Security Standard (PCI DSS) is a global cornerstone for safeguarding cardholder data. PCI DSS version 4.0, the most recent iteration, emphasises a dynamic, risk-based approach to security, compelling organisations to tailor their controls to their unique environments.
more →
DARKReading, Friday, June 21st, 2024
Ticketmaster, Santander Bank, and other large firms have suffered data leaks from a large cloud-based service, underscoring that companies need to pay attention to authentication.
more → TechRepublic, Friday, June 21st, 2024
Gartner VP Analyst Dionisio Zumerle shares three leadership strategies for achieving cybersecurity platform consolidation.
more →
techradar.com, Thursday, June 20th, 2024
Putting too much faith in SSO could be fatal for some businesses
more → HelpNet Security, Wednesday, June 19th, 2024
Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories.
more → techradar.com, Wednesday, June 19th, 2024
Ransomware casts a long shadow in today's digital landscape, threatening businesses of all sizes with data paralysis, operational interruption, reputational damage and severe financial repercussions
more → HelpNet Security, Wednesday, June 19th, 2024
This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike.
more → Avoid the Hack, Wednesday, June 19th, 2024
DNS enables the easy navigation from website to website as you currently know it. However, the system wasn't exactly designed with your privacy and security in mind.
more →
Security Boulevard, Wednesday, June 19th, 2024
Vaudeville isn't dead, but the traditional song-and-dance, jugglers and animal acts have been displaced by technocrat philosophers, citing cyber dystopias and the uninsurability of the peril at industry events, wherever an audience of ten and an internet streaming device can be found.
more → techradar.com, Wednesday, June 19th, 2024
If you're using simple passwords, you're in trouble
more → CIO, Tuesday, June 18th, 2024
Over the last few years, AI adoption has grown exponentially. But with it comes a number of risks around endpoint security. Learn what they are and how you can protect against these new threats.
more →
CIO, Tuesday, June 18th, 2024
Compliance and security are often used interchangeably-yet, they serve different functions and are both vital to a strong identity program
more → AppOmni, Tuesday, June 18th, 2024
What's the difference? How can cybersecurity teams navigate a balance?
more →
Astrix, Monday, June 17th, 2024
Identity Threat Detection and Response (ITDR) is a framework that focuses on protecting your organization from being compromised by threat actors exploiting your organization's identities.
more →
techradar.com, Thursday, June 13th, 2024
It's time we left passwords in the past
more →