CyberSecurity Insiders

JANUARY 12, 2022

In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. And as a CISO, you have the ongoing struggle of understanding the scope of the issue yet managing the finite and appropriate resources to secure web applications.

CISO 126

CISO Cybercrime Risk Healthcare 126

Centraleyes

APRIL 16, 2024

Section 1: Understanding the Dynamics of Data Loss Prevention What is Data Loss Prevention? To embark on a journey of effective data loss prevention, it’s imperative to understand what a data loss prevention strategy truly encompasses. The stakes for safeguarding sensitive information have never been higher.

Encryption 52

Encryption Education Risk Healthcare 52

IT Security Guru

MAY 24, 2021

In conversations with our customers, it’s very clear that organisations need to establish a comprehensive view of their IT asset infrastructure because you can’t secure what you don’t know or can’t see. Simple policies like “No databases should run on webservers” can become a complex challenge to implement.

Cybersecurity 108

Cybersecurity Risk Software Data collection 108

Centraleyes

FEBRUARY 20, 2024

Navigating the Aftermath Swift and Transparent Communication Rapidly assess and acknowledge the breach. Ensure that affected parties, including customers and regulatory authorities, are promptly informed about the incident. Proactive adherence to legal standards is essential for mitigating legal risks.

Data breaches 52

Data breaches Risk Cybersecurity Education 52

Cisco Security

OCTOBER 24, 2022

This blog is the final in a series focused on M&A cybersecurity, following Dan Burke’s post on Making Merger and Acquisition Cybersecurity More Manageable. This blog is the final in a series focused on M&A cybersecurity, following Dan Burke’s post on Making Merger and Acquisition Cybersecurity More Manageable.

Education 70

Education Risk Cybersecurity Technology 70

Security Boulevard

OCTOBER 7, 2022

Why Public Key Infrastructure Is So Important. With a reliable PKI infrastructure, you can provide the utmost protection for your company’s information assets and technologies. With a reliable PKI infrastructure, you can provide the utmost protection for your company’s information assets and technologies.

CISO 52

CISO Risk Cyber Attacks Technology 52

SiteLock

AUGUST 27, 2021

Winning the ongoing battle against cybercrime and criminals starts with understanding the nature of the threats and how to combat them. What is Cyber Threat Intelligence? Cyber threat intelligence (IQ) is having knowledge and awareness of what threatens your data integrity. Business Threat Statistics You Should Know.

Cyber threats 98

Cyber threats Mobile B2B Threat Detection 98

Duo's Security Blog

MAY 23, 2023

What to do when your credentials are compromised How are credentials compromised in the first place? Delays in identifying, assessing, and notifying breaches make it more challenging to prevent harm. Delays in identifying, assessing, and notifying breaches make it more challenging to prevent harm.

Authentication 131

Authentication Passwords Data breaches Phishing 131

Security Boulevard

DECEMBER 9, 2022

What Is a Container? What Is Container Management? This is typically done by assessing and protecting all the images your team downloads and builds. With proper container management, security risks from mismanagement are mitigated. With proper container management, security risks from mismanagement are mitigated.

Architecture 69

Architecture Risk Accountability Software 69

SecureWorld News

FEBRUARY 29, 2024

Change Healthcare, a major provider of IT services to hospitals, continues to battle the BlackCat ransomware syndicate. This decentralized approach allows them to cast a wide net. An April 2022 attack had far-reaching impacts, hampering operations for scores of Change Healthcare customers. authorities. Insert sarcasm here).

Healthcare 98

Healthcare Ransomware Cyber threats Encryption 98

Security Boulevard

MAY 27, 2022

Having this extra safety provides confidence in knowing that your systems are safe from even the most aggressive attacks. Private Keys and Public Keys — What Are They? If you own the home, you want to be 100% certain that only those that you give a house key can have access. SSH Keys: Overview and Best Practices.

Encryption 72

Encryption Authentication Passwords Risk 72

Security Boulevard

JANUARY 17, 2024

This blog post describes methods that SpecterOps consultants have researched to successfully circumvent this technology during offensive assessments. What is RBI and Why Use It? This post then concludes with us sharing our perspective regarding the recommendation of RBIs as a defensive product for the modern enterprise.

DNS 64

DNS Penetration Testing Passwords Encryption 64

McAfee

JUNE 29, 2020

Let me extend the ir innovation story and share with you the leadership path McAfee continues to blaz e in cybersecurity. . Doing all these actions , before an attack impacts you , is referred to as “ shifting left ” on the attack lifecycle. ‘You are forward leaning and a differentiator in this space.?

Cybersecurity 53

Cybersecurity CISO Cyber Attacks Risk 53

Malwarebytes

AUGUST 18, 2021

When a new release of an operating system comes out, normal people find out what’s new by attending developer conferences, reading release notes, changelogs, reviews. Use common sense, assess the risks, choose, and take responsibility for your choice. Comparing the macOS 11 and macOS 10.15 Disclaimers.

Firmware 141

Firmware Architecture Risk Engineering 141

The Last Watchdog

MAY 20, 2022

The unification revolution of cybersecurity solutions has started – and managed security service providers are leading the way. In the case of fully-managed security services, the provider of security services owns the security technologies and maintains and monitors the incidents gathered by these tools and technologies.

Marketing 247

Marketing Digital transformation Technology Cybersecurity 247

ForAllSecure

MARCH 8, 2023

But what if you’re an immigrant or just a person of color. But what if you’re an immigrant or just a person of color. What if you are a woman in information security? In a moment I’ll introduce you to someone who faced and overcame a lot of challenges. I went to San Francisco.

InfoSec 40

InfoSec Engineering CSO Technology 40

NetSpi Executives

APRIL 27, 2024

Table of Contents What is penetration testing? In this guide, learn what penetration testing is, how penetration testing is done, and how to choose a penetration testing company. In this guide, learn what penetration testing is, how penetration testing is done, and how to choose a penetration testing company.

Penetration Testing 52

Penetration Testing Social Engineering Software Wireless 52

Centraleyes

JANUARY 7, 2024

There’s no avoiding digital risk. However, that doesn’t mean there aren’t plenty of ways to minimize these risks. It’s important your cybersecurity teams have a cyber risk management program in place for this purpose. It’s important your cybersecurity teams have a cyber risk management program in place for this purpose.

Cyber Risk 52

Cyber Risk Risk Penetration Testing Cybersecurity 52

The Last Watchdog

MARCH 1, 2023

Source code repositories are cloned and take with them hard-coded credentials, resulting in an explosion of “secrets sprawl.” Still, today the priority of boards of directors is to deliver value to customers faster than the competition, which means accelerating the development process.

Authentication 222

Authentication CISO Passwords Software 222

Troy Hunt

NOVEMBER 6, 2022

These are two of the most eagerly awaited, most requested features on HIBP's UserVoice so it's great to see them finally knocked off after years of waiting. Here goes: The Rate Limits and (Some) Pricing is Different The launch blog post for the authenticated API explained the original rationale behind the $3.50

Identity Theft 291

Identity Theft InfoSec Marketing Authentication 291

McAfee

AUGUST 24, 2021

As part of our continued goal to provide safer products for enterprises and consumers, we at McAfee Advanced Threat Research (ATR) recently investigated the B. For a brief overview please see our summary blog here. What are Infusion Pumps? What are Infusion Pumps? What Security Research has Already Been Performed?

Computers and Electronics 145

Computers and Electronics Authentication Software Risk 145

BH Consulting

JUNE 20, 2023

The two subjects make excellent bedfellows and provide a hybrid understanding of not just the ‘what must be done to be compliant’…but also the ‘how and why’. However, I wonder how many are really clear on the key technical controls and models in cybersecurity and how and when to apply them?

Cybersecurity 52

Cybersecurity Information Security VPN Authentication 52

Pen Test Partners

SEPTEMBER 26, 2023

There, I said it What is the Secure Controls Framework (SCF)? Why you should consider SCF on your journey to security excellence PTP has a myriad of customers coming for help to improve their security posture. Are you in an industry where compliance is mandated and regulated? TL;DR: All roads lead to Rome.

Risk 52

Risk Government Cybersecurity Technology 52

McAfee

JUNE 21, 2021

Or, more importantly, what percentage of your company’s most sensitive data passes through employee home networks right now? If you’re like me, working from a home office, you can’t help but think about all of the cybersecurity tradeoffs that accompanied the widespread shift from on-premises to cloud-delivered services.

CISO 100

CISO Cybersecurity CSO Risk 100

Duo's Security Blog

MARCH 9, 2022

The Australian government is urging companies in the region to adopt strong cybersecurity practices due to increased global risk stemming from the conflict in Ukraine. Australian Cyber Security Centre Here’s a summary of the ACSC’s advice and additional Duo resources for adopting them to safeguard businesses.

Cybersecurity 89

Cybersecurity Authentication Passwords VPN 89

Troy Hunt

JANUARY 16, 2019

Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this post for the masses and link out to more detailed material for those who want to go deeper. Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. There are 21,222,975 unique passwords.

Data breaches 280

Data breaches Passwords Password Management Accountability 280

Centraleyes

JANUARY 14, 2024

However, every partnership you make introduces a degree of risk that must be accounted for. However, every partnership you make introduces a degree of risk that must be accounted for. We’ll discuss the details of vendor risk and the ways we can address it. Today’s businesses don’t operate in a vacuum.

Risk 52

Risk Cybersecurity Government Insurance 52

Thales Cloud Protection & Licensing

JULY 11, 2019

Let’s very briefly recall what GDPR is and some of its key concepts, before discussing about steps and security controls that will bring your organization one step closer to compliance. What is the General Data Protection Regulation? What does the GDPR require? Who does the GDPR apply to? Privacy by Design.

Risk 97

Risk Encryption Accountability Government 97

SiteLock

AUGUST 27, 2021

Did you know a single website experiences 44 attacks per day on average? Cybercriminals target websites to steal customer information, traffic, resources (like bandwidth), and of course, money. That said, if you’re new to cybersecurity , deciding if and how you should protect your website can be confusing and overwhelming.

Small Business 52

Small Business Technology Malware Cybersecurity 52

Security Boulevard

DECEMBER 15, 2021

For companies writing and maintaining software at scale today, SAST (Static Application Security Testing) has become an essential tool for increasing code security and reducing cyber risk. Definition: What is SAST. Attackers are also exploiting the window between when a vulnerability is announced and when a patch is released.

Software 59

Software Technology Risk Ransomware 59

Elie

DECEMBER 2, 2017

This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised Internet-Of-Things devices. This blog post recounts Mirai’s tale from start to finish. Krebs on Security. via massive.

IoT 107

IoT DDOS Internet Internet 107

Security Affairs

FEBRUARY 14, 2022

A CyberNews investigation has revealed that Lovense remote sex toy users might be at risk from threat actors, due to poor security features. By using wireless remote control, you can customize vibrations and adjust them to your body, or give pleasure to someone across a room or even miles away. Original post: [link].

Wireless 92

Wireless Manufacturing Firewall Technology 92

Troy Hunt

JULY 24, 2020

I was searching around for a quote a long the lines of you only being as good as the tools you use and somehow, I ended up down this rabbit hole of painters quotes and carpenters quotes and stuff about artists and their brushes. until eventually, I thought "stuff it, let's just write about the computer bits". So here are.

IoT 363

IoT Retail Manufacturing Data breaches 363

Fox IT

MAY 4, 2021

In this post we provide some history, analysis and observations on this most pernicious family of banking malware targeting Oceania, the UK, Germany and Italy. We’ll start with an overview of its origins and current operations before providing a deep dive technical analysis of the RM3 variant. Introduction.

Banking 98

Banking Malware Encryption Architecture 98