Tuesday, May 21, 2019

Haas F1 team leans on service providers as security force multipliers

If today’s cars are smartphones on wheels, then race cars are supercomputers with engines attached. As the fastest racing sport in the world, Formula One cars come laden with over 100 sensors measuring every aspect of a car’s internal...

How to implement and use the MITRE ATT&CK framework

Mitigating security vulnerabilities is difficult. Attackers need to exploit just one vulnerability to breach your network, but defenders have to secure everything. That’s why security programs have been shifting resources toward detection and response: detecting when the bad guys...

IT services giant HCL left employee passwords, other sensitive data exposed online

IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication, research by security consultancy UpGuard reveals.An HCL human resources portal published new employee names,...

BrandPost: Four Critical Reasons for Investing in Your WAN Edge

The traditional network model of a central, physical data center hub with spokes running out to fixed locations has gone the way of the mainframe and electric typewriter – once mainstays of business. Today’s workforce is increasingly mobile, while...

Review: How Awake Security uncovers malicious intent

Good cybersecurity these days is more complicated than just matching signatures against known malware. In fact, many of the most devastating attacks made against enterprises may not involve malware at all, instead relying on social engineering, insider threats, and...

Will the U.S. government draft cybersecurity professionals?

Will there be a giant sucking sound of cybersecurity talent evading the draft by moving to Canada?The National Commission on Military, National and Public Service, created by Congress, is currently evaluating the Selective Service System (SSS) with an eye...

What is malware? How to prevent, detect and recover from it

Malware definition Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. As Microsoft puts it, " is a catch-all term to refer...

IDG Contributor Network: Digital ethics rising in importance

The innovative capabilities of technology – as well as the potency of that technology – are advancing at a remarkable pace, creating new possibilities in today’s digital economy. This is mostly wonderful, with one large caveat: we must keep...

The most stressful aspects of being a cybersecurity professional

Talk with any cybersecurity professional, and you're sure to hear them talk about the challenges they're up against. What stresses them out the most? Keeping up with the security needs of new IT initiatives.That's according to a third annual research...

5 tips for better backups with Azure Backup Agent

You’ve seen the headlines of how businesses were harmed by ransomware. Ransomware depends on encryption; there is a public key and a private key. Unless you have the private key, you can’t readily get your data back. Any time...

Why security needs to be involved early during mergers and acquisitions

As an industry that is now largely dependent on online services to survive, security should be a key part of every media outlet’s business strategy. A disruption to service or a compromise of customers’ information could be catastrophic in...

The CSO guide to top security conferences, 2019

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your...

BrandPost: What Do We Want? Wi-Fi Protected Access! When Do We Want It? WPA3 Now!

I was recently listening to the Demystifying WPA and the WPA3 Security Standard podcast and it got me thinking about how we got to where we are with wireless security access, protecting our network, our users, and so much more.For those...

Microsoft urges Windows customers to patch wormable RDP flaw

Microsoft has fixed a critical vulnerability in some versions of Windows that can be exploited to create a powerful worm. The company even took the unusual step of releasing patches for Windows XP and Windows Server 2003, which haven't...

Beware social engineering reduction clauses in cybersecurity insurance policies

Cybersecurity insurance is quickly becoming a must-have risk offset for businesses of every size. Already one-third of U.S. businesses have cybersecurity insurance, and the market is expected to grow to $14 billion by 2022.To read this article in full,...

How Microsoft builds empathy between its security and development teams

How would you describe the relationship between your organization’s security and development teams? Chances are, you’d use words like “tense” or “distrustful.” That’s because the two groups often feel they are working at cross-purposes and getting in each other’s...

The second Meltdown: New Intel CPU attacks leak secrets

Researchers have found new flaws in Intel processors that could allow hackers to defeat the security boundaries enforced by virtual machine hypervisors, operating system kernels and Intel SGX enclaves, putting data on both servers and endpoint systems at risk....

Cybersecurity professionals are no match for cyber-adversaries

Cybersecurity professionals are paranoid by nature. That’s not a bad thing; it’s a job requirement. We want our cybersecurity team to “think like the enemy” to discover and remediate vulnerabilities as rapidly as they possibly can. Aside from this cynicism,...

Barracuda Sentinel protects email where others fail

Traditional email protection platforms and appliances sit between a network and the outside world, shielding that critical gateway and chokepoint. They filter incoming email to weed out spam and viruses, and sometimes also prevent things like personal or confidential...

200 million-record breach: Why collecting too much data raises risk

If you don't collect it, no one can steal it.Sometimes the best way to secure customer data is not to collect it in the first place. While it can be tempting to "collect it all" just in case, most...

Rats leave the sinking ship as hackers’ forum gets hacked

The OGUsers forum, which trades in hijacked social accounts, has been hacked, its hard drives wiped, and its user database published online.
The Register

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2

Cheapskate fandroids get a pass on this one, though Your iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by...
Bruce Schneier

How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all...

DDoS Attacks on the Rise After Long Period of Decline

DDoS Attacks on the Rise After Long Period of DeclineThe number of DDoS attacks increased by 84% in the first quarter of 2019 compared to Q4 2018, according to new research from Kaspersky Lab. The global cybersecurity company’s findings, detailed...
SecurityWeek

Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. read more