Cyber Security Informer

Security Risks of AI

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. This means that a compromise will likely remain mostly unnoticed until long after attackers have successfully exploited vulnerabilities.

Risk

Risk Cybersecurity Government Engineering

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

The threat landscape is constantly evolving, with cybercriminals coming up with new techniques and exploiting vulnerabilities. This reactive approach often fails to identify critical vulnerabilities early on, making it easier for attackers to exploit them. Manage dependencies and address vulnerabilities in software components.

Cyber Risk

Cyber Risk Risk Education Security Awareness

Cybersecurity Research Topics for Beginners: Exploring the Fundamentals

CyberSecurity Insiders

MAY 28, 2023

This article aims to provide a comprehensive list of cybersecurity research topics suitable for beginners, helping them delve into the fundamentals of this rapidly evolving field. Analyze their effectiveness and explore potential vulnerabilities and countermeasures.

Cybersecurity

Cybersecurity Penetration Testing Social Engineering IoT

Exploring Cybersecurity Research Topics for Master’s Degree Studies

CyberSecurity Insiders

MAY 21, 2023

Whether you’re passionate about securing networks, protecting data, or investigating cyber threats, choosing the right research topic is crucial for a successful and impactful Master’s journey. IoT Security: Examine the vulnerabilities and challenges associated with securing the Internet of Things (IoT) devices and networks.

Cybersecurity

Cybersecurity Cyber threats IoT Artificial Intelligence

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Register today! July 20th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST

Banking

Cyberattacks in 2021 Highlighted Critical Infrastructure Risks

Security Boulevard

NOVEMBER 30, 2021

Concerns regarding cyberattacks against critical infrastructure have elevated industrial control systems (ICS) security to a mainstream topic. The first half of the year saw an increase in vulnerabilities found in ICS, exposing the high risk for attacks.

Risk

Risk Internet Internet Technology

Best Practices for Mobile App Security Testing for Developers & Non-Developers

Appknox

JANUARY 5, 2022

Mobile application security testing (MAST) covers a wide range of topics, including authentication, authorization, data security, session management, and vulnerabilities for hacking.

Mobile

Mobile Authentication Hacking

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

In a keynote address, Omdia’s Eric Parizo, managing prinicipal analyst, and Andrew Braunberg, principal analyst, unveiled an approach they coined as “proactive security.” RBVM solutions don’t merely identify vulnerabilities, it quantifies and prioritizes them, making risk management more strategic.

Risk

Risk Marketing Software Network Security

GUEST ESSAY: Making the case for leveraging automation to eradicate cybersecurity burnout

The Last Watchdog

MAY 2, 2023

Experts must monitor firewalls, test business continuity plans and identify vulnerabilities with seemingly little payoff. Every automation tool is like an added employee , strengthening SOCs and empowering individual analysts to find more valuable ways to employ their expertise or receive additional training on more complex topics.

Cybersecurity

Cybersecurity Firewall Risk Cyber Risk

GUEST ESSAY: The three horsemen of cyber risks: misinformation, disinformation and fake news

The Last Watchdog

NOVEMBER 15, 2021

These actions undermine a nation’s security and make them vulnerable to geopolitical risks. I recently completed a new study on this very topic for Business Horizons , published by Elsevier. My research attempts to bridge the divide between academic research and real-world practice of cyber risk management.

Cyber Risk

Cyber Risk Risk Artificial Intelligence Cyber threats

The mystery of the CVEs that are not vulnerabilities

Malwarebytes

SEPTEMBER 18, 2023

A researcher specializing in Software Supply Chain security named Dan Lorenc recently raised an interesting topic on LinkedIn. 138 new vulnerabilities in open-source projects were all entered the same day to the CVE database. The way it should work is that vulnerabilities are first discovered, then reported to the CVE Program.

Technology

Technology Information Security Software Risk

“Future of Vulnerability Management” Podcast Episode 3: The Power of Soft Skills in Vulnerability Management

NopSec

SEPTEMBER 2, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Technology

Technology Risk

“Future of Vulnerability Management” Podcast Episode 2: Weaknesses in the Vulnerability Management Field

NopSec

AUGUST 25, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Penetration Testing

Penetration Testing Cyber threats Technology Government

Responsible disclosure - another new policy

Notice Bored

MAY 20, 2022

We have just completed and released another topic-specific information security policy template, covering responsible disclosure (of vulnerabilities, mostly). The policy encourages people to report any vulnerabilities or other information security issues they discover with the organisation's IT systems, networks, processes and people.

Information Security

Information Security Marketing Risk Hacking

“Future of Vulnerability Management” Podcast Episode 9: Why it’s Important for Security Practitioners to Understand Business Logic to Prioritize Vulnerabilities

NopSec

OCTOBER 14, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Technology

Technology Risk Engineering Accountability

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

SC Magazine

APRIL 14, 2021

For the first time in its 60-year history, the OECD offered policy guidelines for risk reduction through vulnerability management. For the first time in its history this past February, the Organization for Economic Cooperation and Development (OECD) offered policy guidelines for digital risk reduction through vulnerability management.

Government

Government Risk Information Security InfoSec

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

Anton on Security

FEBRUARY 26, 2021

If you have topics you’re interested in hearing about, please reach out and let us know. Your cloud security podcast hosts are Anton Chuvakin , Head of Solutions Strategy, and Timothy Peacock , Product Manager, both at Google Cloud. Topics covered: What is confidential computing? vulnerabilities and threats in the cloud?

Cloud Migration

Cloud Migration Network Security Banking Media

“Future of Vulnerability Management” Podcast Episode 10: How to Reinvigorate the Vulnerability Management Category

NopSec

OCTOBER 21, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Technology

Technology Cybersecurity Risk

“Future of Vulnerability Management” Podcast Episode 4: How a 105 year old Ad Agency Tackles Vulnerability Management With Clients

NopSec

SEPTEMBER 9, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Advertising

Advertising Technology Marketing Media

Security Risks of AI

Security Boulevard

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic.

Risk

Risk Cybersecurity Artificial Intelligence

HEALTHCARE SECURITY – SECURITY WITH LIFE AND DEATH CONSEQUENCES

CyberSecurity Insiders

MARCH 21, 2021

This post was originally published by (ISC)² Management. Cybercriminals are seemingly everywhere, seeking to make a digital dollar off of the vulnerabilities of unsuspecting individuals and organizations. Healthcare Security and Privacy Management. A Day in the Life. Why is this the case?

Healthcare

Healthcare Technology Cybersecurity Engineering

“Future of Vulnerability Management” Podcast Episode 6: The Role Vulnerability Management Plays in Proper Cyber Hygiene

NopSec

SEPTEMBER 23, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Antivirus

Antivirus CISO Architecture IoT

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Krebs on Security

JANUARY 13, 2020

is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll Sources tell KrebsOnSecurity that Microsoft Corp.

Internet

Internet Internet Software Cybersecurity

“Future of Vulnerability Management” Podcast Episode 7: How Practitioners Can Use Vulnerability Management to Improve Business Objectives

NopSec

SEPTEMBER 30, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

CISO

CISO Technology Education Marketing

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

SecureWorld News

APRIL 28, 2023

Glanden is a specialized security systems consultant focused on risk management for breakthroughs and vulnerabilities, a senior security architect for Sayers, and the founder of BarCode Security. An example of a topic covered is ransomware, to which Lingenfelter said: "Ransomware is just one of those things that's not going away.

InfoSec

InfoSec CISO Ransomware Information Security

The Future of the NopSec Platform: The Security Insights Platform for Cyber Threat Exposure Management

NopSec

MARCH 11, 2024

Security Data Analysis is Hindering Vulnerability Management Program Effectiveness Vulnerability management is a vital process for any organization that wants to proactively protect their IT assets and systems from cyber attacks. Many organizations struggle to oversee their Vulnerability Management program effectively.

Cyber threats

Cyber threats Artificial Intelligence Government Technology

“Future of Vulnerability Management” Podcast Episode 5: How to Bridge the Gap Between Risk Management and Core Business Outcomes

NopSec

SEPTEMBER 15, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Risk

Risk CISO Technology Information Security

We Are Almost 3! Cloud Security Podcast by Google 2023 Reflections

Anton on Security

JANUARY 10, 2024

EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!” Cloud Security Podcast by Google — Popular Episodes by Topic (Apr 2022) Cloud Security podcast by Google turns 46 [episodes] — Reflections and lessons! Subscribe at Apple Podcasts. 2021) We Are Almost 3!

Cloud Migration

Cloud Migration Government Network Security Risk

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

eSecurity Planet

MARCH 15, 2024

in February 2024, it serves as an extensive repository of hacking tools and techniques to actively assist users in managing complex cybersecurity protection strategies. From analyzing attack methods and suggesting defense tactics to doing vulnerability assessments, it provides users with the knowledge to improve their security posture.

Mobile

Mobile Hacking Education Cybersecurity

Introducing: the “Future of Vulnerability Management” Podcast

NopSec

AUGUST 10, 2022

Today, we are excited to announce our new podcast — the Future of Vulnerability Management which is dedicated to helping security professionals tackle real issues in the vulnerability management space. The post Introducing: the “Future of Vulnerability Management” Podcast appeared first on NopSec.

Technology

Technology Information Security Risk

SBOM formats SPDX and CycloneDX compared

CSO Magazine

AUGUST 8, 2022

Software bills of materials (SBOMs) are becoming a critical component of vulnerability management. Many organizations, however, are still wrestling with understanding fundamental topics in the SBOM discussion, such as the differences among the SBOM formats. What are SBOM formats?

Software

Software Cybersecurity

Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

eSecurity Planet

JULY 23, 2021

A pair of vulnerabilities in the Linux kernel disclosed this week expose major Linux operating systems that could let a hacker either gain root privileges on a compromised host or shut down the entire OS altogether. Further reading: Top Vulnerability Management Tools for 2021. Red Hat, Others Confirm Flaws. A Silver Lining.

Accountability

Accountability Big data CISO Architecture

Report Finds 49% of Security Teams Plan to Replace their ASM Solution in the next 12 Months

CyberSecurity Insiders

AUGUST 5, 2022

The Team Cymru State of Attack Surface Management Report covers a broad spectrum of topics. That 49% of teams have plans to stop working with their ASM vendor in the next 12 months begs the question, what do these disaffected ASM users plan to do to manage their attack surface? Conclusion.

Risk

Risk Cybersecurity

“Future of Vulnerability Management” Podcast Episode 8: How Organizational Culture Affects Consensus about the Criticality of Assets

NopSec

OCTOBER 7, 2022

The Future of Vulnerability Management podcast is dedicated to helping security professionals tackle real issues in the vulnerability management space. Lisa Xu, our CEO, interviews industry experts and leading practitioners about what can be done to prepare for the future of vulnerability management.

Cyber Insurance

Cyber Insurance Technology Insurance Engineering

Critical Assets Highly Exposed in Public Cloud, Mobile, and Web Apps

SecureWorld News

AUGUST 22, 2023

CyCognito has released its semi-annual State of External Exposure Management Report , revealing a staggering number of vulnerable public cloud, mobile, and web applications exposing sensitive data, including unsecured APIs and personally identifiable information (PII).

Mobile

Mobile Penetration Testing Backups Data breaches

Black Hat 2022: from cyberwarfare to the rise of RCE

Security Boulevard

AUGUST 12, 2022

While we couldn’t see it all, we did manage to catch a few sessions – and even held some of our own to dig into essential topics like security debt and the worrying rise of direct-impact vulnerabilities. The post Black Hat 2022: from cyberwarfare to the rise of RCE appeared first on Invicti.

Cybersecurity

The Evolving Landscape of Cybersecurity: Trends and Challenges

CyberSecurity Insiders

JUNE 1, 2023

In this article, we will explore some of the trending topics in cybersecurity, shedding light on the advancements, threats, and the measures we need to take to protect ourselves. With the ever-evolving threat landscape, it is crucial to stay informed about the latest trends and challenges in the field of cybersecurity.

Cybersecurity

Cybersecurity IoT Architecture Artificial Intelligence

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The Last Watchdog

DECEMBER 6, 2019

Although, the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls—domains, DNS, digital certificates. I like to think of this topic like the electricity that powers our homes.

DNS

DNS Firewall Social Engineering Risk

Access Management is Essential for Strengthening OT Security

Thales Cloud Protection & Licensing

MAY 23, 2022

Access Management is Essential for Strengthening OT Security. These systems are connected to and managed from the cloud to fine-tune performance, provide data analytics, and ensure the integrity of critical infrastructure across all sectors. The vulnerability landscape. Access management is an essential mitigation strategy.

Healthcare

Healthcare Ransomware Authentication Threat Reports

Developer Interest in Cybersecurity Topics Grows as Data Breaches Persist, O’Reilly Analysis Reveals

CyberSecurity Insiders

JANUARY 26, 2022

Each year, O’Reilly gathers usage data across its publishing partners and learning modes, from books and videos to live online training courses, virtual events, practice exams, and interactive scenarios, to provide technology leaders with the trends, topics, and issues to watch in the coming year. For more information, visit www.oreilly.com.

Data breaches

Data breaches Cybersecurity Cryptocurrency Technology

Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer

Malwarebytes

APRIL 3, 2023

Researchers at Orca Security disclosed how they found a remote code execution vulnerability in Azure Service Fabric Explorer. The vulnerability was reported to the Microsoft Security Response Center (MSRC) with responsible disclosure and was included by Microsoft in their March 2023 Patch Tuesday round.

Authentication

Authentication Risk Cybersecurity

EDR vs. MDR Services: Which is Right for You?

Security Boulevard

DECEMBER 15, 2021

Cybersecurity is a topic that keeps many business executives, managers, and IT directors up at night, and with good reason. This week, for example, the Apache Log4j vulnerability has sent security teams…. The average cost of a breach in 2021 is estimated at $4.24 The post EDR vs.

Cyber threats

Cyber threats Technology Cybersecurity Malware

Faults in Our Security: 6 Common Misconceptions in Cybersecurity

SecureWorld News

NOVEMBER 28, 2023

As a regular attendee of security conferences and contributor to security books, it's evident to me that the field remains a hot topic. This approach leads to an endless arms race with hackers, where new vulnerabilities pose constant threats. However, despite the significant investments of time and money, persistent issues persist.

Cybersecurity

Cybersecurity Social Engineering Education Antivirus

Cloud Security Podcast?—?Two Years Later or Our Year-End Reflections for 2022!

Security Boulevard

DECEMBER 22, 2022

and a curious episode on our approach to vulnerability management. We also understand that 102 episodes is a lot and that we cover many topics in a wide field of cloud security. Any new topics to cover? Cloud Security Podcast by Google — Popular Episodes by Topic (Apr 2022). because Mandiant! Fun guests to invite?

Cloud Migration

Cloud Migration CISO Artificial Intelligence Architecture

Security Risks of AI

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

Trending Sources

Cybersecurity Research Topics for Beginners: Exploring the Fundamentals

Exploring Cybersecurity Research Topics for Master’s Degree Studies

ERM Program Fundamentals for Success in the Banking Industry

Cyberattacks in 2021 Highlighted Critical Infrastructure Risks

Best Practices for Mobile App Security Testing for Developers & Non-Developers

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

GUEST ESSAY: Making the case for leveraging automation to eradicate cybersecurity burnout

GUEST ESSAY: The three horsemen of cyber risks: misinformation, disinformation and fake news

The mystery of the CVEs that are not vulnerabilities

“Future of Vulnerability Management” Podcast Episode 3: The Power of Soft Skills in Vulnerability Management

“Future of Vulnerability Management” Podcast Episode 2: Weaknesses in the Vulnerability Management Field

Responsible disclosure - another new policy

“Future of Vulnerability Management” Podcast Episode 9: Why it’s Important for Security Practitioners to Understand Business Logic to Prioritize Vulnerabilities

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

From Google Cloud Blog: “New Cloud Security Podcast by Google is here”

“Future of Vulnerability Management” Podcast Episode 10: How to Reinvigorate the Vulnerability Management Category

“Future of Vulnerability Management” Podcast Episode 4: How a 105 year old Ad Agency Tackles Vulnerability Management With Clients

Security Risks of AI

HEALTHCARE SECURITY – SECURITY WITH LIFE AND DEATH CONSEQUENCES

“Future of Vulnerability Management” Podcast Episode 6: The Role Vulnerability Management Plays in Proper Cyber Hygiene

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

“Future of Vulnerability Management” Podcast Episode 7: How Practitioners Can Use Vulnerability Management to Improve Business Objectives

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

The Future of the NopSec Platform: The Security Insights Platform for Cyber Threat Exposure Management

“Future of Vulnerability Management” Podcast Episode 5: How to Bridge the Gap Between Risk Management and Core Business Outcomes

We Are Almost 3! Cloud Security Podcast by Google 2023 Reflections

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

Introducing: the “Future of Vulnerability Management” Podcast

SBOM formats SPDX and CycloneDX compared

Holes in Linux Kernel Could Pose Problems for Red Hat, Ubuntu, Other Distros

Report Finds 49% of Security Teams Plan to Replace their ASM Solution in the next 12 Months

“Future of Vulnerability Management” Podcast Episode 8: How Organizational Culture Affects Consensus about the Criticality of Assets

Critical Assets Highly Exposed in Public Cloud, Mobile, and Web Apps

Black Hat 2022: from cyberwarfare to the rise of RCE

The Evolving Landscape of Cybersecurity: Trends and Challenges

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

Access Management is Essential for Strengthening OT Security

Developer Interest in Cybersecurity Topics Grows as Data Breaches Persist, O’Reilly Analysis Reveals

Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer

EDR vs. MDR Services: Which is Right for You?

Faults in Our Security: 6 Common Misconceptions in Cybersecurity

Cloud Security Podcast?—?Two Years Later or Our Year-End Reflections for 2022!

Stay Connected