Mastering the Art of Cloud Tagging Using Data Science
Cloud tagging, the process of labeling cloud assets by certain attributes or operational values, can unlock behavioral insights to optimize and automate cyber asset management at scale.
January 17, 2022
White House Meets With Software Firms and Open Source Orgs on Security
The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.
January 14, 2022
New Vulnerabilities Highlight Risks of Trust in Public Cloud
Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.
January 13, 2022
Patch Management Today: A Risk-Based Strategy to Defeat Cybercriminals
By combining risk-based vulnerability prioritization and automated patch intelligence, organizations can apply patches based on threat level. Part 2 of 3.
January 12, 2022
Cloud Apps Replace Web as Source for Most Malware Downloads
Two-thirds of all malware distributed to enterprise networks last year originated from cloud apps such as Google Drive, OneDrive, and numerous other cloud apps, new research shows.
January 11, 2022
Remotely Exploitable NetUSB Flaw Puts Millions of Devices at Risk
A vulnerability in a third-party component used by many networking firms puts consumer and small business routers at risk for remote exploitation.
January 11, 2022
The Evolution of Patch Management: How and When It Got So Complicated
In the wake of WannaCry and its ilk, the National Vulnerability Database arose to help security organizations track and prioritize vulnerabilities to patch. Part 1 of 3.
January 10, 2022
CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps
A Romanian researcher discovers more than 70 vulnerabilities in how applications and their content delivery networks handle cache misses that open the doors to denial-of-service attacks.
January 06, 2022
FTC: Companies Could Face Legal Action for Failing to Patch Log4j
The FTC will pursue companies that fail to take steps to protect consumer data from exposure due to Log4j, officials report.
January 05, 2022
Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells
Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework.
January 04, 2022
Log4j Highlights Need for Better Handle on Software Dependencies
Security pros say the Log4j vulnerability is another warning call for enterprises to get more disciplined when keeping track of software bills of materials.
January 03, 2022
In the Fight Against Cybercrime, Takedowns Are Only Temporary
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy.
December 30, 2021