Thursday, May 19, 2022
The Security Ledger

Understanding the Economic Impact of Credential Stuffing Attacks

Credential stuffing attacks rose by 49% in 2020, according to one report. In this Expert Insight piece, Anastasios Arampatzis talks about simple steps companies can take to stop these attacks.
The Security Ledger

Cyber Attack Halts Production at Ag Equipment Maker AGCO Fendt

A cyber attack has disrupted the operations of AGCO/Fendt, a major manufacturer of agricultural equipment, the company has acknowledged.
The Security Ledger

Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk

The good news? John Deere bricked expensive farm equipment taken by thieving Russian troops. The bad news: those same remote access features could be used to launch crippling, large scale attacks on US farms.
The Security Ledger

Episode 237: Jacked on the Beanstalk – DeFi’s Security Debt Runs Wide, Deep

The hack of Beanstalk is just the latest major compromise of a decentralized finance (DeFi) platform. In this podcast, Jennifer Fernick of NCC Group joins me to talk about why DeFi’s security woes are much bigger than Beanstalk. The...
The Security Ledger

Episode 236: Cyberwar Takes A Back Seat In Ukraine (For Now)

We sit down with Christian Sorenson, the former lead of the international cyber warfare team at US Cyber Command and CEO of cybersecurity firm, SightGain, to talk about what we’ve learned so far from Russia’s war in Ukraine, and what may be...
The Security Ledger

How to Bring the Power of No-Code Security Automation to Your Team in 2022

Seven in 10 SOC analysts say they are “burned out.” Six in 10 plan to leave their job “in the next year.” Tines CEO Eoin Hinchy says no-code automation may be a way to reduce the burnout and retain...
The Security Ledger


Why Security Practitioners Are Unhappy With Their Current SIEM

In this Expert Insight, Jack Naglieri, the CEO of Panther, writes about how today’s cloud-centric and data-driven environments make the SIEM technologies of the past inadequate and demand new approaches to security monitoring.
The Security Ledger

State of Modern Application Security: 6 Key Takeaways For 2022

In this Expert Insight, Harshil Parikh, CEO of Tromzo, reveals findings from the company's recent State of Modern Application Security Report, a survey of 400 appsec professionals.
The Security Ledger

Episode 235: Justine Bone of MedSec on Healthcare Insecurity

In this episode of the podcast (#235) Justine Bone, the CEO of Medsec, joins Paul to talk about cyber threats to healthcare organizations in the age of COVID. Justine’s firm works with hospitals and healthcare organizations to understand their cyber...
The Security Ledger

Episode 234: Rep. Jim Langevin on Cyber Policy in an Age of Political Polarization

In this episode of the podcast (#234) US Representative Jim Langevin (D-RI), joins Paul to talk about the flurry of legislation passed on Capitol Hill in recent months to boost the U.S.’s cyber defenses.
The Security Ledger

Tapping into the Power of the Security Community

Massive growth in Zoom’s customer base as a result of the COVID 19 pandemic brought new business - but also new challenges and security requirements. Establishing a CISO Council gave those customers a voice and a seat at the...
The Security Ledger

Spotlight: COVID, Cloud Sovereignty and Other 2022 Trends with DigiCert

What does 2022 have in store? Dean Coclin of DigiCert speaks with host Paul Roberts about the trends that will shape the New Year, from cloud sovereignty to the growing reliance on PKI to secure digital identities, DEVOPs and...
The Security Ledger

Spotlight: ShardSecure on Protecting Data At Rest Without Encryption

Host Paul Roberts speaks with Mark Blackmer of ShardSecure about that company’s new approach to protecting data at rest, which relies on fragmenting and scattering data to make it impossible to steal.
The Security Ledger

Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos

In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source...
SecurityWeek

Phishers Add Chatbot to the Phishing Lure

Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers –...
SecurityWeek

QuSecure Launches Quantum-Resilient Encryption Platform

New firm launches to provide the Easy Button for implementing quantum secure encryption. The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg. Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...

6 Scary Tactics Used in Mobile App Attacks

Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.