Tuesday, September 25, 2018

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...

What Exactly is Threat Hunting – and Why Does it Matter?

Naturally, we all want to detect every threat to our network as soon as it manifests itself. That’s why we spend a ton of money every year on tools that detect things automatically. But what do we do when...

It’s Time to Get Real about Complex, Emerging Threats

Technology has advanced at an astonishing rate in the last decade and the pace is only set to accelerate. Capabilities that seemed impossible only a short time ago will develop extremely quickly, aiding those who see them coming and...

Under Expanding Cyber Siege, CISOs Admit Clear Visibility on Attacks Is a Challenge

Most chief information security officers have begun to shift their security posture toward gaining more visibility into the way attacks occur, and how their organizations become targets, admitting they can’t protect their infrastructure from all cyber threats 100 percent...

Busting the VDI Security Myth

Many CISOs and security pros see Virtual Desktop Infrastructure (VDI) and other remote application solutions as security barriers. They think VDI isolates sensitive resources from the user's device, making it impossible for hackers to bust through. But that’s a...

Why Admin Rights Removal Is only the First Step towards Data Protection

When it comes to protecting data, removing admin rights is one of the most effective methods at an organisation’s disposal. Doing so minimises the likelihood that a successful attack on an individual’s account will be able to affect widespread...

FIN6 Hackers Update Arsenal of Techniques

A cybercriminal group focused on stealing payment card data records has been using new tactics, techniques and procedures (TTPs) in attacks observed in 2017 and 2018, IBM X-Force security researchers report. First detailed in April 2016, the group has been...

Hackers and Worms in the Singularity

So I saw an ad for this project, “OpenWorm.” Seemed like it checked all the boxes that cause me to click a link:   Vaguely open source Something to do with Legos Robots Has an app associated with it. “Get the App!” And it’s for...

Trojanized Extension Uploaded to Google’s Chrome Store

A trojanized version of the MEGA extension was uploaded to the Google Chrome webstore earlier this week and was automatically pushed to users via the autoupdate mechanism. Through this extension, users get direct access to the MEGA secure cloud...

Gartner SOAR Adoption Rate Prediction: From 1% to 15% by 2020 – Why Should You Care?

In a recent report, Gartner predicted that SOAR adoption rates will rise from 1% to 15% by 2020. These findings highlight two key factors. Firstly, acceptable SOAR protocols are currently lacking in most corporations. Secondly, SOAR tools are gaining...

New Payment Tech, New Security Challenges

There are more ways to pay for goods and services than ever before. New payment technologies bring growth opportunities for businesses, and they can revolutionize customer experiences at point-of-sale. However, these new apps and technologies also present payment providers with...

CVE-2018-11776 — The Latest Apache Struts Vulnerability

About a week ago, a security researcher disclosed a critical remote code execution vulnerability in the Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. The vulnerability (CVE-2018-11776) affects all...

How Secure Are Popular Finance Apps on Google Play?

Whether it’s paying bills, transferring money, reviewing account balances or even trading stocks, consumers increasingly rely on mobile banking apps from their device, whether it’s a mobile phone or tablet or the smart watch on their wrist. The growth...

The Importance and Requirements of Privileged Access Management

The growing need to secure the “keys to the kingdom” and the steps organizations need to take to protect their critical credentials The constantly evolving threat landscape continues to bring organizations — even of enterprise size — to their knees...

All Data is Security Data: A Shift in Thinking

The most significant costs in security operations come from an unlikely source – missed opportunities caused by not collecting and organizing log data. In order to operate more efficiently, security operations need to collect more data to support not...

Breach at US Retailer SHEIN Hits Over Six Million Users

Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements. read more

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...