The CISO’s guide to establishing quantum resilience
Pundits evangelize the benefits and challenges enterprises will face in a post-quantum era, but much still needs to be accomplished before these profound transformations of the computing world will...
Microsoft October update patches two zero-day vulnerabilities it says are...
The drama of Patch Tuesday often revolves around zero days, which in October’s haul of 117 vulnerabilities brings patch managers a total of five that have been publicly disclosed. Of those, Microsoft...
Cybersecurity bill could make ransomware payment reporting mandatory
The Australian Federal Government has introduced the Cyber Security Bill 2024 to Parliament proposing the country’s first standalone cybersecurity Act. The simplified outline of the Act proposes the...
Encryption backdoor debates rage across the planet, promising a difficult...
Compliance rules requiring encryption backdoors — not just for attachments, but for text; not just for communications apps, but mobile devices, clouds, and SaaS apps — are being hotly debated in just...
What’s old is new again: AI is bringing XSS vulnerabilities back to the...
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a Secure by Design alert in September urging tech manufacturers to remove cross-site...
Cyber insurance explained: Costs, terms, how to know it’s right for your...
What is cyber insurance? Cyber insurance, also known as cyber risk insurance or cyber liability insurance coverage (CLIC), is an insurance policy that helps cover costs associated with data breaches...
Top 6 IDS/IPS tools — plus 4 open-source alternatives
Intrusion detection and prevention systems (IDPS) Detecting and preventing network intrusions used to be the bread and butter of IT security. But over the past few years, analysts and defenders have...
Star Health Insurance CISO sold customer data, hacker claims
Just when it seemed like the dust was beginning to settle, the Star Health data breach took a dramatic and shocking turn. According to claims from the hacker behind the breach, Amarjeet Khanuja, the...
Microsoft addresses zero-day vulnerabilities
Disclosed vulnerabilities do not benefit defenders alone. They may also be what first alerts attackers to possible points of entry. In October, in Microsoft's...
SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to...
IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading Investigations solution used by CTI teams, security operations, fraud and risk prevention...
Juniper extends security platform to streamline threat detection, incident...
Juniper Networks is working to integrate more of its security services under one AI-centric roof. The vendor’s new Secure AI-Native Edge offering and cloud-based Security Assurance service are...
Attackers are using QR codes sneakily crafted in ASCII and blob URLs in...
Attackers are always looking for new ways to bypass email security filters and get their malicious URLs in front of victims. One increasingly popular method involves sending emails that include QR...
Admins warned to update Palo Alto Networks Expedition tool immediately
Palo Alto Networks is warning administrators of six critical vulnerabilities in its Expedition configuration migration tool that have to be patched immediately. Multiple vulnerabilities allow an...
Mozilla reveals critical vulnerability in Firefox
Infosec leaders are being warned to make sure employees using the Firefox browser have the latest update installed after the discovery of a critical zero-day vulnerability. The Mozilla Foundation said...
Do the Marriott cybersecurity settlements send the wrong message to CISOs, CFOs?
Years after having been hit by a trio of major data breaches between 2014 and 2020, Marriott announced on Wednesday settlements both with the US Federal Trade Commission (FTC) and a group of the...
Malicious open-source software packages have exploded in 2024
Malware is infiltrating the open-source software development ecosystem at an alarming rate, according to a new report from software supply chain management firm Sonatype. The company has tracked over...
What’s next for the CISO role?
As executive vice president and CISO, Jerry Geisler is a top-level executive at Walmart. That rank, along with continued investment in the cybersecurity program, reflects his company’s commitment “to...
Iranian hackers use Windows holes to attack critical Gulf and Emirates systems
An Iran-linked cyber-espionage group has been, in recent months, conducting cyberattacks in the United Arab Emirates (UAE) and the Gulf region by exploiting a privilege escalation flaw in Windows...
Open source package entry points could be used for command jacking
Open source application packages, including those in Python and JavaScript, have a vulnerability in their entry points that could be used by threat actors to execute malicious code to steal data,...
Chinese researchers break RSA encryption with a quantum computer
In a potentially alarming development for global cybersecurity, Chinese researchers have unveiled a method using D-Wave’s quantum annealing systems to crack classic encryption, potentially...