A cloud environment is not a replica of an on-premises network or a data center. Unlike traditional data centers which have a rigid IT architecture blueprint, the cloud comes with flexibility that allows users to architect their infrastructure and res…
Tag: Security Boulevard (Original)
Europe, Global Security News, North America
AMD Latest Victim of RansomHouse Gang
by Teri Robinson •
It’s been a challenging couple of years for AMD. After the last few years of disruption and amid the global chip shortage, the company has been attacked by the RansomHouse Extortion Group, which claims to have exfiltrated more than 450 GB of dat…
Europe, Global Security News, North America, Vulnerabilities
‘ChinaDan’ Hacks 1 BILLION Police Records from Shanghai: 23TB of PII for Sale
by Richi Jennings •
“China’s Largest Data Leak” is causing a kerfuffle in Beijing. A hacker calling themself ChinaDan is holding 23 terabytes of personal data for ransom.
The post ‘ChinaDan’ Hacks 1 BILLION Police Records from Shanghai: 23TB of PII for Sale appeared firs…
Europe, Global Security News, North America
How Authentication Strengthens Security and UX
by Rakesh Soni •
Today, user experience (UX) is considered a game-changer for every business offering online services—no wonder enterprises are putting their best foot forward to meet the expectations of their potential customers. However, most of them aren’t aware th…
Europe, Global Security News, North America, Vulnerabilities
Attackers Work Hard to Engineer Trust; SharePoint, OneDrive Accounts at Risk
by Teri Robinson •
A pair of reports released this month underscore just how successful phishing is and the lengths to which adversaries will go to con victims. In the first report, Trend Micro said it blocked more than 33.6 million cloud-based email threats last year, …
Europe, Global Security News, North America
CISO Talk EP 22 – Diversity, Equity and Inclusion in Security – TechStrong TV
by Mitchell Ashley •
Mitch Ashley: Hi and welcome to CISO Talk. My name is Mitch Ashley; I am CTO with Techstrong Group, as well as principal at Techstrong Research. I’m joined, today, by my cohast – cohost [laughter], Matt Newfield. It’s the end of year, I…
Europe, Global Security News, North America
Inching Toward Defend Forward
by Luke Wilson •
The increase in cyberattacks—and the increase in the cost of cyberattacks—sends a clear signal: Something about the cybersecurity industry needs to change. We live in a world where malicious cyberattack campaigns are persistent and relentless. Even as…
Europe, Global Security News, North America, Vulnerabilities
Using AI/ML to Secure the Hybrid Workforce
by Sue Poremba •
First, workplaces went fully remote to keep business operations running during the COVID-19 pandemic. Now, as the pandemic is easing into endemic, organizations are asking their employees to return to their offices. Many workers are choosing a hybrid …
Europe, Global Security News, North America
Disgruntled Law School Applicant’s Cyberharassment Ends With Narrow Court Ruling
by Mark Rasch •
Ho Ka Terrance Yung wanted to go to Georgetown University School of Law. He had good grades and good LSAT scores and arranged for an “alumni” interview—an interview with a former Hoya to accelerate his application process. The interview did not go wel…
Europe, Global Security News, North America
High Availability and Security for Cloud-Based Systems
by Dave Bermingham •
IT organizations striving to ensure compliance with HIPAA, Sarbanes-Oxley, BASEL II and similar regulations generally have a good grasp of the security considerations that apply to key hardware and software systems running in the cloud. They need to m…
Europe, Global Security News, North America
Google Launches Advanced API Security to Combat API Threats
by Nathan Eddy •
Google launched a preview version of a service called Advanced API Security aimed at helping organizations combat growing threats targeting application programming interfaces (APIs). The goal of the service, built on the API management platform Apige…
Europe, Global Security News, North America
GAO: CISA, Treasury Must Assess Critical Infrastructure Risks
by George V. Hulme •
When attackers breached Colonial Pipeline using a stolen password, it took a lot of people by surprise. But the reality is such attacks against critical infrastructure were brewing for some time. Last week, the U.S. Government Accountability Office (G…
Europe, Global Security News, North America
Palo Alto Networks Expands Web App and API Security Options
by Michael Vizard •
Palo Alto Networks has added an out-of-band option for securing web applications and application programming interfaces (APIs) to its Prisma Cloud service. In addition, Palo Alto Networks has added an agentless capability for extending Prisma Cloud to…
Europe, Global Security News, North America
Adopting a Multifaceted Security Approach
by John Moschella •
Over the past decade, terms like malware and ransomware have increasingly entered into the public vernacular, especially as they relate to highly publicized, high-profile cybersecurity attacks. Most recently, the Biden administration issued a dire war…
Europe, Global Security News, North America
Cerby Emerges From Stealth to Transform Application Security
by Michael Vizard •
Cerby this week emerged from stealth to unveil a security platform that allows end users to enroll their preferred applications rather than being limited to a set of applications that were pre-approved by an IT organization. Fresh from raising $12 mil…
Europe, Global Security News, North America, Vulnerabilities
Russian Hackers Declare War on Lithuania — Killnet DDoS Panic
by Richi Jennings •
NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.
The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Secur…
Europe, Global Security News, North America, Vulnerabilities
Protecting Organizations From 5G Threats
by Sunil Ravi •
The industry is buzzing about 5G technology and its potential. For example, almost every new smartphone is advertised as “5G compatible,” with the majority of mobile subscriptions switching to 5G over the next five years. With its promise of improved …
Europe, Global Security News, North America
Using AI and ML to Fight Zero-Day Attacks
by Sue Poremba •
If it felt like you were asked to download a lot of patches in May and June, it’s because there were a lot of patches in May and June. An increase in zero-day vulnerabilities and exploits led to an increase in attacks. In fact, Mandiant reported that …
Europe, Global Security News, North America
ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo
by Richi Jennings •
We could soon have a federal GDPR. But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week.
The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo appeared first on Security Boul…
Europe, Global Security News, North America
Hermit Previews Sophisticated Spyware To Come
by Teri Robinson •
The appropriately named Hermit enterprise-grade Android surveillanceware currently used by the Kazakhstan government within its borders—and deployed to Italy and Syria—portends the sophistication of spyware to come. “The Hermit app that initially is i…
Europe, Global Security News, North America
House Passes ICS Cybersecurity Training Act
by Christopher Burgess •
In a predominantly bipartisan vote, the Industrial Control Systems Cybersecurity Training Act was passed by the House of Representatives on the evening of June 21, 2022. The bill, sponsored by Representative Eric Swalwell (D-CA) establishes within the…
Europe, Global Security News, North America, Vulnerabilities
NSA Wants To Help you Lock Down MS Windows in PowerShell
by Richi Jennings •
A new cheatsheet from four infosec agencies tells us how to use PowerShell for good, rather than let scrotes misuse it to “live off the land.”
The post NSA Wants To Help you Lock Down MS Windows in PowerShell appeared first on Security Boulevard.
Europe, Global Security News, North America
Cybercriminals Hit Travel and Hospitality – Hard
by Teri Robinson •
As if travel and travel-related activities aren’t fraught enough after the onset of the COVID-19 pandemic, cybercriminals have added an extra layer of turmoil, promoting scams to take advantage of people ready to spread their wings and travel after ye…
Europe, Global Security News, North America
NIST Sets SSE Framework in Final SP 800-160 Guidance
by Nathan Eddy •
The National Institute of Standards and Technology (NIST) published a final version of updated standards for systems security engineering (SSE) with significant content and design changes, including a renewed emphasis on the importance of systems engi…
Europe, Global Security News, North America
The Million-Dollar Question: To Pay or Not to Pay Ransom?
by Aamir Lakhani •
Ransomware is one of the most serious threats to businesses today. In fact, a recent survey found that 85% of enterprises are more concerned about the prospect of ransomware attacks than any other kind of attack. The decision of whether or not to pay …
Europe, Global Security News, North America
Machine Learning Tackles Ransomware Attacks
by Sue Poremba •
There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take some time to prepa…
Europe, Global Security News, North America, Vulnerabilities
Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’
by Richi Jennings •
Capital One hacker Paige A. Thompson has been found guilty. But it has to be said that Capital One’s security design was absolutely awful.
The post Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’ appeared first on S…
Europe, Global Security News, North America
TechStrong Con: Diversity Key to Solving Cybersecurity Talent Shortage
by Michael Vizard •
The only way to address the cybersecurity talent shortage is to further invest in diversity, equity and inclusion. DEI can provide the added benefit of bringing a wide range of perspectives to bear in solving complex cybersecurity challenges. A “Why D…
Europe, Global Security News, North America
5 Tips to Thwart Business Email Compromise (BEC) Attacks
by Oliver Noble •
There’s been an astounding 84% increase in business email compromise (BEC) attacks, according to the latest NordLocker Email Threat Report, which compared half-yearly statistics. The news should be particularly alarming to organizations that use email…
Europe, Global Security News, North America
Digital Value Chain Attacks on the Rise
by Nathan Eddy •
Cybercriminals are moving to exploit vulnerabilities in the digital value chain as organizations fight to secure a rapidly expanding threat surface. These were among the findings of a report from Micro Focus subsidiary CyberRes. The study revealed No…
Europe, Global Security News, North America
A Qubit of Solace: How QKD Systems Defend Against Future Cyberattacks
by Steve Alexander •
Every industry is on high alert when it comes to cyberattacks, and rightly so. A cyberattack can halt business, add unexpected costs to mitigate, damage a company’s reputation and more. Cybercriminals can take many forms: They may steal your credentia…
Europe, Global Security News, North America
Uvalde Shooting Investigation Reveals Major Privacy Violation
by Mark Rasch •
In Carpenter v. United States, the Supreme Court noted that, in order for law enforcement officials to obtain location data for cell phones, they needed to have a warrant signed by a neutral and detached magistrate, establish probable cause to believe…
Europe, Global Security News, North America, Vulnerabilities
HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook
by Richi Jennings •
A study shows many U.S. hospitals are leaking personal information to Facebook. Experts say it’s a HIPAA violation.
The post HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook appeared first on Security Boulevard.
Europe, Global Security News, North America
We Need Zero-Trust for Private Cellular Networks
by Liron Ben-Horin •
For years, there were IP networks and public cellular networks. Each had its own functions, goals and purpose, and never did the ‘twain meet. But with the growth of private LTE and 5G networks, cellular technology now serves the same purposes that IP …
Europe, Global Security News, North America
Surfshark Finds US is the Most-Breached Country
by Natan Solomon •
A recent study by cybersecurity company Surfshark showed that the U.S. is the most breached country—and has been since 2004, among other alarming findings. With cybersecurity threats on the rise, Surfshark’s latest project is the first-ever tool that…
Europe, Global Security News, North America
Survey: Maintaining Cybersecurity Balance is a Challenge
by Michael Vizard •
A survey of 1,007 IT decision-makers at small-to-medium enterprises (SMEs) found two-thirds of respondents (66%) conceded that adding security measures resulted in more cumbersome user experiences. The survey polled SMEs in the U.S. and United Kingdom…
Europe, Global Security News, North America, Vulnerabilities
Radware Survey Reveals API Security Weaknesses
by Michael Vizard •
A survey published today suggests there is a disconnect between the perceived and actual level of security being applied to application programming interfaces (APIs). The survey polled 203 IT professionals in Europe, Asia and North America from organi…
Europe, Global Security News, North America
Firewalls and the Plateau of Productivity
by Jaye Tillson •
Firewalls: Something every architect is familiar with. Something that still raises many of our heart rates. At some point in your IT career, it’s likely you’ve had to deploy and configure a firewall and most likely it was a painful experience no…
Europe, Global Security News, North America
4 Cloud Application Security Best Practices
by Gilad David Maayan •
In today’s digital-first landscape, more and more organizations move their workloads to the cloud. However, many do not realize that cloud environments come with a certain set of unique security threats. In this article, you will learn about top clou…
Europe, Global Security News, North America
How to Build Cybersecurity Resilience
by A.N. Ananth •
Cybersecurity has been changing rapidly over the past couple of years, due in no small part to the COVID-19 pandemic. In response, organizations have digitized at an unprecedented rate and, in the process, created new opportunities for cybersecurity s…