2018 In the Rearview Mirror
Commentary | 12/20/2018 | Among this year's biggest news stories: epic hardware vulnerabilities, a more lethal form of DDoS attack, Olympic 'false flags,' hijacked home routers, fileless malware — and a new world's record for data breaches.
Email Spam: Don't Be a Chump or a Jerk
Alan Zeichick | 12/20/2018 | For decades, spam emails have clogged up corporate email inboxes. However, there are some simple rules and guidelines IT pros, as well as marketers, can use to cut down on this, and make everyone more secure.
Jenkins Flaw Can Allow Attackers to Log In as Admins
Larry Loeb | 12/19/2018 | New research from CyberArk finds a critical flaw in Jenkins servers that can allow an attacker to log in as an administrator, which can lead to any number of compromises and malicious activity.
How to Engage Your Cyber Enemies
Commentary | 12/18/2018 | Having the right mix of tools, automation, and intelligence is key to staying ahead of new threats and protecting your organization.
Shhhhh! The Secret to Secrets Management
Commentary | 12/17/2018 | Companies need to take a centralized approach to protecting confidential data and assets. Here are 12 ways to get a handle on the problem.
IoT Botnets Shifting to Exploit Vulnerabilities
Jeffrey Burt | 12/13/2018 | A report from NetScout's ASERT Team finds that IoT devices are vulnerable to exploits for long periods of time and can be attacked within minutes after coming online.
Deception: Honey vs. Real Environments
Commentary | 12/12/2018 | A primer on choosing deception technology that will provide maximum efficacy without over-committing money, time and resources.
M2M Protocols Expose IoT Data, Trend Micro Finds
Jeffrey Burt | 12/11/2018 | The MQTT and CoAP protocols that are crucial to IoT and IIoT operations have significant vulnerabilities that puts devices at risk, according to analysis from Trend Micro.
SD-WAN Security: Why Zero-Trust Authentication Is Key
Alan Zeichick | 12/10/2018 | SD-WAN provides big benefits compared to traditional WAN connections between data centers and remote locations. However, authentication remains a concern. Here's why zero trust is a must.
APTs in 2018: A Mix of Old & New
Jeffrey Burt | 12/10/2018 | Established threat groups and new players alike made for an active APTs scene this year, according to researchers with Kaspersky Lab.
Bringing Compliance into the SecDevOps Process
Application security should be guided by its responsibility to maintain the confidentiality, integrity, and availability of systems and data. But often, compliance clouds the picture.
The Case for a Human Security Officer
Wanted: a security exec responsible for identifying and mitigating the attack vectors and vulnerabilities specifically targeting and involving people.
IT & OT Convergence: a Potential Security Nightmare
Alan Zeichick | 12/5/2018 | Industrial systems are rapidly connecting to the wider, public Internet. There are a host of security problems that comes with this convergence, however, and combing IT and OT is not the cure. Here's why.
5 Emerging Trends in Cybercrime
Organizations can start today to protect against 2019's threats. Look out for crooks using AI "fuzzing" techniques, machine learning, and swarms.
GDPR Fines: Some Bark, Little Bite
Joe Stanganelli | 12/3/2018 | As Security Now says 'Happy Halfiversary' to GDPR, we take a look at what few GDPR fines and other DPA orders and guidance have been made public over the past six months.
|