Blog - Cyber Security Informer

What Is Mutual Authentication?

Heimadal Security

JANUARY 12, 2023

Mutual authentication, also known as two-way authentication or website-to-user authentication, is a security mechanism that requires the two sides of a communications channel to authenticate each other’s identities (instead of just one side verifying the other) before moving forward with secure communications.

Authentication

mTLS Everywhere in Kubernetes: Not Just Entry and Exit

Security Boulevard

APRIL 7, 2022

To prevent security incidents from happening in the first place, Kubernetes documentation mentions that “TLS should be enabled for every component that supports it to prevent traffic sniffing, verify the identity of the server, and (for mutual TLS) verify the identity of the client.”. But that is a topic for another blog.).

Authentication

Authentication Encryption Digital transformation

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Thales Cloud Protection & Licensing

MARCH 10, 2021

Guest Blog: TalkingTrust. What’s driving the security of IoT? The same rings true for encryption and authentication. Thu, 03/11/2021 - 07:39. The Urgency for Security in a Connected World. It’s a complex challenge that we’re only just beginning to address. Device Security is Hard. They have design constraints.

IoT

IoT Firmware Manufacturing Encryption

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

SecureList

FEBRUARY 8, 2024

What caught our attention was the sophisticated infection chain that makes use of various advanced technologies, setting it apart from known banking Trojan infections. The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims.

Banking

Banking Encryption Malware Technology

Handling Criticism & The Cost of Call Out Culture in Cyber

Jane Frankland

JULY 27, 2022

Given the nature of what is considered a highly emotive topic, I want to keep a dialogue going, remove as much fear as possible when posting comments so we can become more aware, educated, and ultimately evolve together. Doing the latter is what trips us up and holds us back. . So, let’s have deep reverence for others from the outset.

Education

Education Authentication CISO Accountability

Securing Containers and Multi-Cloud Operations

Thales Cloud Protection & Licensing

FEBRUARY 11, 2020

Knowing who and what can be trusted is a constant struggle, as malicious code, untrusted connections, and misconfiguration all lead to one thing – more risk. Two critical functions that make this possible are signature enforcement and trust authentication, both of which can be accomplished through the use of X.509 509 certificates.

Authentication

Authentication Encryption Risk Software

Another NFT explainer, with a bonus look at the data security implications

Webroot

MAY 12, 2021

“What Bitcoin was to 2011, NFTs are to 2021.”. Non- what token? That’s what the “non-fungible” in non-fungible token means: there’s only one, and it’s completely unique. A distributed group of devices does the work to vouch for the authenticity of the token the same way it does for a bitcoin.

Cryptocurrency

Cryptocurrency Marketing Phishing Authentication

Securing Containers and Multi-Cloud Operations

Thales Cloud Protection & Licensing

FEBRUARY 12, 2020

Knowing who and what can be trusted is a constant struggle, as malicious code, untrusted connections, and misconfiguration all lead to one thing – more risk. Two critical functions that make this possible are signature enforcement and trust authentication, both of which can be accomplished through the use of X.509 509 certificates.

Authentication

Authentication Encryption Risk Software

Women Helping Women. Is this so Radical?

Jane Frankland

MARCH 24, 2023

I had to alter my talk and speak about what she said. Today I find myself having to do the same thing, but it’s different to what I said then. In this blog I’m sharing a few suggestions for women. #1. Get clear on what you want, and be open to achieving it. It pains me, deeply. Not tomorrow. Read INSights.

Cybersecurity

Cybersecurity Accountability Media Authentication

Ways Women Can Support One Another in the Tech Workplace

Jane Frankland

MARCH 24, 2023

I had to alter my talk and speak about what she said. Today I find myself having to do the same thing, but it’s different to what I said then. In this blog I’m sharing a few suggestions for women. #1. Get clear on what you want, and be open to achieving it. It pains me, deeply. Not tomorrow. Read INSights.

Cybersecurity

Cybersecurity Accountability Media Authentication

Topic-specific policy 4/11: information transfer

Notice Bored

OCTOBER 14, 2021

One way flows or a mutual, bilateral or multilateral exchange of information. Transmission of information through broadcasting, training and awareness activities, reporting, policies, documentation, seminars, publications, blogs etc., What need would it satisfy, and is a policy the best way to proceed?

Information Security

Information Security Risk Media Encryption

Partner Summit 2022: Let’s Own the Opportunity to Build a World of Secure, Resilient Organizations

Cisco Security

NOVEMBER 1, 2022

So, when we say, “ Let’s Own It ”, it’s a rally cry for Cisco and our partners alike to do our parts to seize the massive opportunity that we have in front of us and turn it into mutual success. I encourage all partners to drill down on each announcement in the accompanying blogs and news announcements. Secure Access by Duo.

Firewall

Firewall Marketing Healthcare Mobile

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Herjavec Group

APRIL 26, 2021

Gartner’s Third-Party Risk Management Framework puts it best – “Leaders find themselves in the middle of what feels like an unwinnable war: one that demands risk oversight while maintaining speed.”. How can we face what feels like “an unwinnable war” between security and effective business operations? So where does that leave us?

Risk

Risk Government InfoSec Cybersecurity

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

JULY 12, 2018

Connected things are what make the IoT – sensors, cameras, wearable electronics, medical devices, automatic controls. In this blog, and in one by my colleague Julie Lassabliere from Safelayer Secure Communications , we explore the need for trusted device identification and data integrity in the IoT. Connected devices outnumber people.

IoT

IoT Data collection Encryption eCommerce

Privileged account management challenges: comparing PIM, PUM and PAM

CyberSecurity Insiders

NOVEMBER 18, 2021

This blog was written by an independent guest blogger. Most cyberattacks originate outside the organization. Numerous articles, vulnerability reports, and analytical materials prove this fact. External attacks are usually carried out based on the following scenario: Overcoming the perimeter of the organization. Establishing a connection.

Accountability

Accountability Passwords Authentication Social Engineering

What Is SPIFFE and How Does It Impact Machine Identities?

Security Boulevard

MAY 12, 2022

What Is SPIFFE and How Does It Impact Machine Identities? Protecting the network isn’t what it used to be. SPIFFE solves the problem of workload authentication in diverse environments. When asked what that turtle rests on, she replied “It’s turtles all the way down!” brooke.crothers. Thu, 05/12/2022 - 13:27.

Architecture

Architecture Authentication Data breaches Software

Back to the Future of Firewall

Cisco Security

JUNE 15, 2021

Everyone has been using and abusing the “next-generation” qualifier to describe any modern firewall product for far too long, so it is appropriate to drop this extraneous prefix and talk about what truly comes next for this technology. After all, the cloud is just your stuff running in someone’s else data center. Insert Your Firewall Here.

Firewall

Firewall Software Network Security Encryption

The Case for Multi-Vendor Security Integrations

Cisco Security

AUGUST 26, 2022

To do this, security vendors must adopt open ecosystems of APIs to easily integrate with each other to provide effective ways for mutual customers to defend and react to cybersecurity attacks. It is imperative that cybersecurity vendors interact with and collaborate with each other to lower this gap. Read more here. ServiceNow.

Firewall

Firewall Authentication Passwords Threat Detection

Securing Istio Workloads with mTLS Using cert-manager

Security Boulevard

OCTOBER 4, 2022

We’ve gone deeper into Istio OIDC Authentication here. Let us know what you think! Securing Istio Workloads with mTLS Using cert-manager. brooke.crothers. Tue, 10/04/2022 - 10:38. Rise of the service mesh. Why use cert-manager? cert-manager was always built to be CA-agnostic and enable integration with both public and private CAs.

Accountability

Accountability Encryption Authentication

Why Sucessful Central Bank Digital Currencies require Partnership enagement

Thales Cloud Protection & Licensing

JUNE 21, 2023

Why Sucessful Central Bank Digital Currencies require Partnership enagement madhav Thu, 06/22/2023 - 06:23 In Part 1 of this blog series we explored what CBDC, or Central Bank Digital Currencies are, and why they are important. What are your security considerations for these devices?

Banking

Banking Retail Encryption Technology

RSA Conference 2021: Resilience

Duo's Security Blog

APRIL 5, 2021

How To Make a Successful Security Program What (Actually, Measurable) Makes a Security Program More Successful? What makes a successful security program? That’s why the theme for this year’s RSA Conference 2021 is so fitting: resilience. We’re all navigating new waters, and this conference is no different.

CISO

CISO InfoSec Financial Services Marketing

Cyber Security Informer

What Is Mutual Authentication?

mTLS Everywhere in Kubernetes: Not Just Entry and Exit

Trending Sources

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Coyote: A multi-stage banking Trojan abusing the Squirrel installer

Handling Criticism & The Cost of Call Out Culture in Cyber

Securing Containers and Multi-Cloud Operations

Another NFT explainer, with a bonus look at the data security implications

Securing Containers and Multi-Cloud Operations

Women Helping Women. Is this so Radical?

Ways Women Can Support One Another in the Tech Workplace

Topic-specific policy 4/11: information transfer

Partner Summit 2022: Let’s Own the Opportunity to Build a World of Secure, Resilient Organizations

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Privileged account management challenges: comparing PIM, PUM and PAM

What Is SPIFFE and How Does It Impact Machine Identities?

Back to the Future of Firewall

The Case for Multi-Vendor Security Integrations

Securing Istio Workloads with mTLS Using cert-manager

Why Sucessful Central Bank Digital Currencies require Partnership enagement

RSA Conference 2021: Resilience

Stay Connected