- 5 Signs Someone Might be Taking Advantage of Your Security Goodness
Not everyone in a security department is acting in good faith, and they'll do what they can to bypass those who do. Here's how to spot them.
- Failing Toward Zero: Why Your Security Needs to Fail to Get Better
Each security incident should lead to a successive reduction in future incidences of the same type. Organizations that fail toward zero embrace failure and learn from their mistakes.
- Do You Know Who's Lurking in Your Cloud Environment?
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
- Look Beyond the 'Big 5' in Cyberattacks
Don't ignore cyber operations outside US and European interests, researcher says. We can learn a lot from methods used by attackers that aren't among the usual suspects.
- Prevention Is Better Than the Cure When Securing Cloud-Native Deployments
The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur.
- Why Security Awareness Training Should Be Backed by Security by Design
Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.
- Latest Version of TrickBot Employs Clever New Obfuscation Trick
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.
- Baidu Apps Leaked Location Data, Machine Learning Reveals
Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, …
- How Ransomware Defense Is Evolving With Ransomware Attacks
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.
- CISA Warns of Holiday Online Shopping Scams
The agency urges shoppers to be cautious of fraudulent websites, unsolicited emails, and unencrypted financial transactions.
- Alexa, Disarm the Victim's Home Security System
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.
- Cloud Security Startup Lightspin Emerges From Stealth
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.
- US Treasury's OFAC Ransomware Advisory: Navigating the Gray Areas
Leveraging the right response strategy, following the regulations, and understanding the ransom entity are the fundamentals in any ransomware outbreak.
- What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.
- Printers' Cybersecurity Threats Too Often Ignored
Remote workforce heightens the need to protect printing systems against intrusion and compromise.
- Security Researchers Sound Alarm on Smart Doorbells
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.
- As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.
- Ransomware Grows Easier to Spread, Harder to Block
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.
- Evidence-Based Trust Gets Black Hat Europe Spotlight
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
- Manchester United Suffers Cyberattack
Premier League soccer club says the attack didn't affect its website and app, and it doesn't appears to have exposed any fan or customer data either.