2,322 articles · page 31 of 47
HelpNet Security, Monday, May 13th, 2024
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA's deadlines, according to Bitsight.
more →
HelpNet Security, Monday, May 13th, 2024
The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix.
more → Security Boulevard, Thursday, May 9th, 2024
Continuous threat exposure management (CTEM) is a formal program to manage cyber risk that allows organizations to enhance and optimize their overall cybersecurity posture.
more →
HelpNet Security, Thursday, May 9th, 2024
In the process of moving to the cloud, you need a security-first cloud migration strategy that considers both your security and compliance requirements upfront. In this article, we'll discuss how you can use resources from the Center for Internet Security (CIS) to create such an approach.
more → Search Enterprise Desktop, Wednesday, May 8th, 2024
Although patch and vulnerability management are intertwined, they differ in critical ways. It's important to have distinct tools and processes to execute both effectively.
more →
hyperproof, Wednesday, May 8th, 2024
Every organization needs to have security measures and policies in place to safeguard its data. One of the best and most important measures you can take to protect your data (and that of your customers) is simply to have a robust information security policy.
more →
scytale, Tuesday, May 7th, 2024
Let's be honest: anything with the word 'essentials' in it is bound to grab our attention. However, understanding yet another cybersecurity certification may be daunting, so we've consolidated everything you need to know about Cyber Essentials and whether or not this may be a tailor-made fit for your company.
more →
Kratikal Blogs, Tuesday, May 7th, 2024
In today's evolving threat landscape, endpoint security remains crucial. Endpoints, which can be any device that connects to your network - laptops, desktops, tablets, and even mobile phones - are a common target for cyber attacks. A successful endpoint breach can give hackers access to your whole network, potentially leading to serious consequences.
more →
NETWORKComputing, Tuesday, May 7th, 2024
SASE provides secure and efficient access to cloud-based services and resources for users, regardless of their location. Follow this checklist to attain this goal.
more →
SearchSecurity, Tuesday, May 7th, 2024
At RSA Conference 2024, Recorded Future detailed alarming trends as nation-state attackers operate under the guise of hacktivism to cover real threats to organizations.
more → SiliconANGLE , Monday, May 6th, 2024
Staying ahead of threats is not just a challenge, but a necessity when it comes to cybersecurity.
more →
Cyber Defense Magazine, Monday, May 6th, 2024
In an era where cyber threats loom larger and are more complex than ever, it is vitally important for organizations to have a cyber threat intelligence (CTI) program and implement threat intelligence operations (TI Ops) to bolster their defenses.
more →
Fortra, Friday, May 3rd, 2024
In the modern digital landscape, cybersecurity is paramount, making the differentiation between vulnerability scanning and penetration testing essential for safeguarding organizational assets.
more → HelpNet Security, Thursday, May 2nd, 2024
58% of the organizations were affected by a SaaS security incident in the last 18 months, according to Valence Security's 2024 State of SaaS Security Report.
more → Thales, Thursday, May 2nd, 2024
In the ever-evolving landscape of cybersecurity, Identity and Access Management (IAM) remains a vital link in the cybersecurity chain. However, with World Password Day just around the corner, there's no time like the present to consider how relying on antiquated password systems leaves organizations exposed to vulnerabilities
more →
Fortra, Thursday, May 2nd, 2024
With cybersecurity, the digital battlegrounds stretch across the vast expanse of the internet. On the one side, we have increasingly sophisticated and cunning adversaries. On the other, skilled cybersecurity practitioners who are desperate to protect their companies' assets at all costs. One fundamental truth rings clear: it's an ongoing and relentless battle of wits.
more →
HelpNet Security, Thursday, May 2nd, 2024
The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon's 2024 Data Breach Investigations Report, which analyzed a record-high 30,458 security incidents and 10,626 confirmed breaches in 2023.
more → Security Boulevard, Wednesday, May 1st, 2024
This is my informal, unofficial, unapproved etc blog based on my reading of the just-released Mandiant M-Trends 2024 report (Happy 15th Birthday, M-Trends! May you live for many googley years.)
more → SC Media, Wednesday, May 1st, 2024
The UK has become the first country worldwide to prohibit Internet of Things device manufacturers from using default usernames and passwords in their products following the approval of the Product Security and Telecommunications Infrastructure act, which seeks to bolster smart device cybersecurity, The Hacker News reports.
more →
ITPro, Wednesday, May 1st, 2024
Hackers are increasingly targeting remote desktop tools in their attacks, new research reveals, prompting warnings for enterprises globally
more →
WeSecureApp, Wednesday, May 1st, 2024
Data breaches are like uninvited guests at a party - they show up unexpectedly, take what they want, and leave a big mess behind.
more →
SC Magazine, Wednesday, May 1st, 2024
Verizon published its 2024 Data Breach Investigations Report (DBIR) Wednesday, highlighting the interplay between actions and attack vectors that provide the initial pathway for breaches.
more → Obsidian Security, Tuesday, April 30th, 2024
The MITRE ATT&CK framework is a continually evolving resource, tracking the tactics, techniques, and procedures (TTPs) employed by adversaries across all phases of an attack.
more →
Datamation, Monday, April 29th, 2024
The use of artificial intelligence (AI) in cybersecurity has fundamentally changed the way businesses protect themselves against cyberthreats.
more →
Search Networking, Monday, April 29th, 2024
Enterprises interested in SASE must grapple with challenges and misinformation about the tool. Businesses should discern SASE's true benefits before adoption.
more → Architecture and Governance, Monday, April 29th, 2024
Originally developed for federal use, the National Institute for Standards and Technology (NIST) Cybersecurity Framework (CSF) has been widely adopted across the world (and translated into numerous languages) by organisations to mitigate information security and organisational risk.
more →
The cyphere, Wednesday, April 24th, 2024
Penetration testing, or pen testing for short, is a critical way to protect IT systems and sensitive data from malicious activity proactively. This guide provides a comprehensive overview of how this technique works, business benefits, its types, methodologies, costs, and everything in between.
more →
Information Week, Wednesday, April 24th, 2024
How does law enforcement identify the people behind cybercrimes, and what happens afterward?
more →
scytale, Wednesday, April 24th, 2024
When you're working towards getting (and staying) compliant, it's only natural to want to make extra sure that you're doing it right.
more → HYPR, Wednesday, April 24th, 2024
Virtual private networks (VPNs) form a staple of the modern work environment. VPNs provide an essential layer of protection for employees working remotely or across multiple office locations, encrypting data traffic to stop hackers from intercepting and stealing information.
more →
DARKReading , Wednesday, April 24th, 2024
Attacks increased by "only" 19% last year. But that number is expected to grow significently.
more →
SearchSecurity, Tuesday, April 23rd, 2024
Mandiant's 'M-Trends' 2024 report offered positive signs for global cybersecurity but warned that threat actors are shifting to zero-day exploitation and evasion techniques.
more → SiliconANGLE , Tuesday, April 23rd, 2024
Global median dwell time, the average amount of time that attackers remain undetected on a target's network after gaining unauthorized access, has fallen to its lowest point in a decade.
more → InformationWeek, Friday, April 19th, 2024
An employee recognized something was wrong when they received an audio deepfake of the LastPass CEO.
more → HelpNet Security, Friday, April 19th, 2024
Threat actors are continuing to successfully breach across the entire attack surface and the stakes are only getting higher: 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result, according to Pentera.
more → Cyberscoop, Wednesday, April 17th, 2024
Researchers from the Google-owned firm conclude that Sandworm personas are linked to several recent attacks on critical infrastructure.
more →
SearchSecurity, Wednesday, April 17th, 2024
Over the past decade, Sandworm has been responsible for high-severity attacks that highlight the group's persistence, evasion techniques and threat to government bodies.
more → SearchSecurity, Wednesday, April 17th, 2024
Mandiant released a report that links Sandworm, a Russian state-backed threat actor, to a series of recent cyberattacks against water utilities.
more → centraleyes, Tuesday, April 16th, 2024
The stakes for safeguarding sensitive information have never been higher. Cyber Data loss can lead to severe consequences, including financial losses, damage to reputation, and legal repercussions.
more →
Fortra, Tuesday, April 16th, 2024
Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools.
more → HelpNet Security, Tuesday, April 16th, 2024
In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in enhancing skills and productivity rather than replacing staff.
more → Security Boulevard, Tuesday, April 16th, 2024
Opinions are divided on the role of artificial intelligence (AI) in cybersecurity, according to a recent survey from CyberEdge Group. The report found that more than a third (36%) of security professionals anticipate that AI will primarily benefit IT security teams.
more → HelpNet Security, Tuesday, April 16th, 2024
Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization.
more → Data Science Central, Monday, April 15th, 2024
Think of a battlefield - not filled with soldiers but cyber warriors. The Defense Industrial Base (DIB) stands as the front line. This digital battleground faces nonstop cyberattacks, each one getting trickier.
more →
hyperproof, Friday, April 12th, 2024
One of the most eye-popping events in cybersecurity this year has been the former head of security for Twitter, Peiter Zatko, releasing a whistleblower complaint about the social media giant, alleging all manner of shortcomings. Anyone responsible for cybersecurity audits should take note - in fact, take lots of notes.
more → techradar.com, Friday, April 12th, 2024
Why traditional passwords need to be abandoned
more →
Search App Architecture, Thursday, April 11th, 2024
OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet.
more → DARKReading, Wednesday, April 10th, 2024
A cheat sheet for all of the most common techniques hackers use, and general principles for stopping them.
more → DARKReading, Wednesday, April 10th, 2024
Global organizations and geopolitical entities must adopt new strategies to combat the growing sophistication in attacks that parallel the complexities of our new geopolitical reality.
more → Computerworld, Wednesday, April 10th, 2024
Unified endpoint management software lets IT manage all endpoint devices - smartphones, laptops, desktops, printers, IoT devices, and others - from a single management console. Here's what to look for in a UEM platform and key vendors to consider.
more →