Business Management: Security Support and Executive Communications

What is secure remote access in today's enterprise?

Out with the old, in with the new. The meaning of secure remote access, and how organizations achieve it, is changing. Here's what you need to know. Continue Reading

Risk & Repeat: Security startups and trends from RSAC 2021

Analyst Carla Roncato of Enterprise Strategy Group weighs in on RSA Conference and the security startups featured during the show's Innovation Sandbox competition. Continue Reading

Who is responsible for secure remote access management?

The pandemic exposed the need for a strong secure remote access strategy. Now, organizations need to figure out which team must make it happen. Continue Reading

Inept cybersecurity education and training feed into skills gap

Learn why former infosec instructor and author of 'How Cybersecurity Really Works' advocates for changes to security education and training to alleviate the industry skills gap. Continue Reading

Network reconnaissance techniques for beginners

In this excerpt of 'How Cybersecurity Really Works,' author Sam Grubb breaks down common network reconnaissance techniques used by adversaries to attack wired networks. Continue Reading

MDM vs. MAM: What are the key differences?

Mobile workers are productive and even essential to business success. But IT has to protect corporate apps and data -- as well as worker privacy -- via MDM, MAM or both. Continue Reading

DHS opens valve on new pipeline security requirements

The U.S. government has put forward a trio of new cybersecurity requirements for companies that operate oil and gas pipelines, including incident reporting and risk assessment. Continue Reading

3 steps to zero-day threat protection

Don't let a zero-day threat bring down your networks. Follow these three steps to prepare for the unknown and minimize potential damage. Continue Reading

Apiiro wins RSA Conference Innovation Sandbox Contest

Apiiro's automated Code Risk Platform analyzes enterprise software for material changes that can lead to security vulnerabilities, data exposures and compliance risks. Continue Reading

Rowhammer reach extended for new attack method

Google researchers discovered a bit-flipping hardware trick can now be carried out across extra rows of transistors, circumventing protections against the attack technique. Continue Reading

US agencies lack supply chain best practices post-SolarWinds

Vijay D'Souza, the GAO's director of IT and cybersecurity, said during a joint hearing that 'none of the agencies have fully implemented our recommendations.' Continue Reading

Operational technology is the new low-hanging fruit for hackers

FireEye researchers say exposed and poorly guarded industrial systems are being increasingly compromised by low-skill hackers using entry-level exploit techniques. Continue Reading

Chaos in Maricopa County: The election audit explained

The controversy about an election audit of Maricopa County, Ariz., involves accusations of deleted databases, bamboo fibers and potentially ruined voting machines. Continue Reading

Risk & Repeat: Recapping RSA Conference 2021

Election security, nation-state threats and supply chain attacks were major topics at this year's RSA Conference, which was held as a virtual event. Continue Reading

Try this cloud identity and access management quiz

Remote work and increased cloud adoption have dramatically changed identity and access management. Take this cloud IAM quiz for infosec pros to see if your knowledge is up to date. Continue Reading

Cryptography quiz questions and answers: Test your smarts

Put your encryption knowledge to the test, and perhaps even learn a new word or concept in the process with these cryptography quiz questions. Continue Reading

Conti ransomware spree draws FBI attention

Hospitals and emergency service networks in the U.S. are at heightened risk from the new ransomware operation that disrupted Ireland's healthcare system in recent weeks. Continue Reading

Why cloud changes everything around network security

Vishal Jain examines why the data center mindset doesn't work for network security when it comes to using the public cloud and how companies should think instead. Continue Reading

Embrace speed and security for your cloud security strategy

As companies solidify their cloud security strategies, they need to ensure that they're considering where they're at now, governance needed and metrics to follow. Continue Reading

Stale sessions, ML poisoning among 2021's top security threats

An all-star security panel at RSA Conference discusses the biggest issues facing companies today and what it thinks will emerge as the top threats in the coming months. Continue Reading

RSA Conference 2021: 3 hot cybersecurity trends explained

In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading

How to secure remote access for the hybrid work model

With the post-COVID-19 hybrid work model taking shape, discover the technologies and trends analysts and IT leaders view as the anchors to ensure secure remote access. Continue Reading

U.S. officials discuss 2020 election security, misinformation

During an RSA Conference 2021 panel, the CISO for Maricopa County, Ariz., said misinformation posed a bigger challenge for election officials than actual cyberattacks. Continue Reading

Infosec experts: Threat landscape is worst in 60 years

Between an increasing sophistication seen in nation-state groups and a rise in ransomware that's affecting everyone, the threat landscape may be reaching a historic peak. Continue Reading

CrowdStrike breaks down 'Golden SAML' attack

The nightmare scenario, demonstrated at RSA Conference 2021, was used by threat actors in the SolarWinds breach and gave them control over both cloud and on-premises systems. Continue Reading

Create a remote access security policy with this template

The expansion of remote work has created complicated security risks. Get help developing and updating a remote access security policy. Download our free template to get started. Continue Reading

4 ways to handle the cybersecurity skills shortage in 2021

More than half of cybersecurity pros say their organizations could do more to manage negative effects of the skills shortage, such as overwork and burnout. Find out how. Continue Reading

SentinelOne: More supply chain attacks are coming

At RSA Conference 2021, SentinelOne threat researcher Marco Figueroa discussed the implications of the SolarWinds attacks, which he called one of the biggest hacks ever. Continue Reading

SolarWinds CEO: Supply chain attack began in January 2019

SolarWinds CEO Sudhakar Ramakrishna clarified earlier remarks from the company and said the massive supply chain attack was not the result of an intern's mistake. Continue Reading

Cisco shares lessons learned in zero-trust deployment

The networking giant explained at RSA Conference 2021 how it was able to deploy a company-wide zero trust model in less than six months, and what it learned along the way. Continue Reading

How to build a cloud security observability strategy

Security observability in the cloud involves more than workload monitoring. Read up on the essential observability components and tools needed to reap the security benefits. Continue Reading

12 essential features of advanced endpoint security tools

In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security tools to monitor operation functions and DLP strategies. Continue Reading

Attorneys share worst practices for data breach response

Angry emails, bad jokes and sloppy reports can all lead to legal headaches following a data breach, according to a panel of experts at RSA Conference 2021. Continue Reading

McAfee CTO: Use data to make better cyber-risk decisions

According to McAfee CTO Steve Grobman, the best response to today's cyber-risks includes both human and technology-based solutions, like threat intelligence and good security hygiene. Continue Reading

Neuberger calls for shift in software supply chain security

In an RSA Conference keynote, Anne Neuberger, deputy national security advisor for cyber and emerging technology, said security requires a major "mindset shift." Continue Reading

5 ways bad incident response plans can help threat actors

Infosec executives from Netskope and Chipotle Mexican Grill hosted an RSA Conference session about their personal experiences and lessons learned while responding to attacks. Continue Reading

Sophos: 81% of attacks last year involved ransomware

The majority of incidents Sophos responded to in the last year involved ransomware. The company also found the median dwell time of attackers was 11 days. Continue Reading

Hackers turn Comcast voice remotes into eavesdropping tool

Guardicore researchers at RSA Conference 2021 manipulated the Xfinity XR11 voice controller to covertly record household conversations, raising concerns about IoT devices. Continue Reading

Cyber Defense Matrix makes sense of chaotic security market

The Cyber Defense Matrix aims to help CISOs make strategic, informed security investments that weigh cyber risk mitigation in the context of business constraints and goals. Continue Reading

'Scheme flooding' bug threatens to sink user privacy

Researchers have uncovered a blind spot in web security that opens the door for tracking across multiple browsers and thwarts common privacy protections like incognito and VPN. Continue Reading

Endpoint security strategy: Focus on endpoints, apps or both?

Companies know how to secure traditional endpoints, but what about mobile devices outside the network? They should decide if they want to protect devices, apps or both. Continue Reading

Enterprises mull 5G vs. Wi-Fi security with private networks

While Wi-Fi security can be implemented just as securely as 5G, mechanisms built into 5G offer some compelling benefits to enterprises considering private 5G networks. Continue Reading

Verizon DBIR shows sharp increase in ransomware attacks

According to Verizon's latest Data Breach Investigations Report, 60% of ransomware cases involved either direct installation or installation via desktop sharing software. Continue Reading

Biden signs executive order to modernize cyberdefenses

Following several high-profile attacks on the federal government, the new executive order seeks to eliminate outdated security practices and improve supply chain security. Continue Reading

'FragAttacks' eavesdropping flaws revealed in all Wi-Fi devices

Security researcher Mathy Vanhoef said every Wi-Fi device is impacted by at least one of the 12 vulnerabilities, and most devices are vulnerable to several of the flaws. Continue Reading

What's the difference between sandboxes vs. containers?

Understanding the differences between sandboxes vs. containers for security can help companies determine which best suits their particular use cases. Continue Reading

Container vs. VM security: Which is better?

Security professionals often compare containers vs. VMs when determining whether virtualization or containerization is better for their company's security strategy. Continue Reading

Hacker makes short work of Apple AirTag jailbreak

A security researcher discovered a jailbreaking method for Apple's new mobile locating tracking devices, which were introduced just last month. Continue Reading

Senate hearing raises questions about SolarWinds backdoors

U.S. Department of Commerce CISO Ryan Higgins said in a Senate committee hearing Tuesday that his department was one of first agencies to detect the systemic compromise. Continue Reading

DarkSide: The ransomware gang that took down a pipeline

DarkSide may be best known for the Colonial Pipeline ransomware attack, but the gang has hit dozens of organizations since last summer, presenting itself as a Robin Hood-type group. Continue Reading

Cyber insurance firm AXA halts coverage for ransom payments

As ransomware attacks increase across the globe and ransom payment reimbursement becomes a key issue for cyber insurers, AXA may be setting a new trend for private industries. Continue Reading

Funding is key to strengthening national cybersecurity

In the wake of the Colonial Pipeline ransomware attack, national cybersecurity experts make the case for additional funding during a Senate hearing. Continue Reading

Colonial Pipeline runs dry following ransomware attack

A vital U.S. oil supply was shut down to prevent a ransomware infection from spreading from corporate IT systems to more crucial operational technology systems. Continue Reading

From EDR to XDR: Inside extended detection and response

As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading

'Bulletproof' hosts catch RICO charges for aiding cybercriminals

Four men pleaded guilty to RICO conspiracy charges for operating a bulletproof hosting service that provided infrastructure to cybercriminals' operations. Continue Reading

Despite confusion, zero-trust journey underway for many

Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading

How to successfully automate GRC systems in 7 steps

There is more to automating GRC programs than technology alone. This implementation roadmap helps IT leaders effectively plan, deploy and monitor GRC activities and tools. Continue Reading

'BadAlloc' vulnerabilities spell trouble for IoT, OT devices

A week after Microsoft revealed 25 memory allocation vulnerabilities in several IoT and OT products, some devices have been patched, while others have not. Continue Reading

Popular mobile apps leaking AWS keys, exposing user data

Security researchers at CloudSek discovered approximately 40 popular mobile apps contained hardcoded API secret keys, putting both user information and corporate data at risk. Continue Reading

US defense contractor BlueForce apparently hit by ransomware

The Conti ransomware operators demanded nearly $1 million in bitcoin during ransomware negotiations and threatened to publish the defense contractor's data on its leak site. Continue Reading

How to use CIS benchmarks to improve public cloud security

Safeguarding public cloud environments is a shared responsibility. Cloud customers should use CIS benchmarks to ensure cloud security at the account level. Continue Reading

Dell patches high-severity flaws in firmware update driver

SentinelOne discovered the flaws in Dell's firmware update driver in December. There's no evidence that hackers have exploited the 12-year-old vulnerabilities. Continue Reading

6 ways to spur cybersecurity board engagement

New research suggests corporate boards are paying closer attention to cybersecurity, but experts say progress is still modest and slow. Continue Reading

Twilio discloses breach caused by Codecov supply chain hack

Twilio utilizes Codecov tools including the previously compromised Bash Uploader script. It said that a "small number" of customer emails were potentially exposed. Continue Reading

Researchers use PyInstaller to create stealth malware

Academic researchers say the application builder could be used to create undetectable attack bundles that bypass many widely used antimalware programs. Continue Reading

Buyers must navigate cybersecurity market confusion

Customer confusion in the security market stems from the number of new products designed to deal with a growing number of cyberthreats. Experts look at how to navigate it all. Continue Reading

Qualys finds 21 vulnerabilities in Exim mail software

Qualys, which discovered the '21Nails' vulnerabilities, said that it did not see evidence of exploitation, but many vulnerabilities are 17 years old and at risk of being exploited. Continue Reading

Apple hurries out fixes for WebKit zero-days

Mac and iOS users are urged to patch their devices immediately for Apple WebKit flaws following reports of active exploits in the wild. Continue Reading

Cybersecurity contingency planning needs a face-lift

Following the unexpected craziness of 2020, companies need to sit down and revamp their cybersecurity contingency plan to ensure their business continuity. Continue Reading

Risk & Repeat: Will the Ransomware Task Force make an impact?

The Institute for Security and Technology's Ransomware Task Force published several recommendations to better address the growing security threat. Will they work? Continue Reading

Types of MDR security services: MEDR vs. MNDR vs. MXDR

Organizations considering MDR security services should look into more tightly focused options hitting the market to find the best one for their security program's needs. Continue Reading

Security awareness training quiz: Insider threat prevention

Find out how much you know about preventing user-caused cybersecurity incidents through education in this security awareness training quiz for infosec pros. Continue Reading

Ransomware Task Force takes aim at cryptocurrencies

The Ransomware Task Force released a new report with recommendations on how to tackle the growing ransomware problem, including regulation of cryptocurrency services. Continue Reading

SolarWinds puts national cybersecurity strategy on display

Biden imposed economic sanctions on Russia for its role in the SolarWinds cyber attack. Experts see the response as just one part of a larger national cybersecurity strategy. Continue Reading

Learn how to mitigate container security issues

The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading

Adopting containers and preventing container security risks

When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading

Codecov breach raises concerns about software supply chain

So far, only HashiCorp has disclosed a breach connected to the attack on Codecov, but threat researchers have drawn parallels to the SolarWinds supply chain attacks. Continue Reading

Cybersecurity key to protect brands in the digital landscape

The digital transformation disrupted the relationship between brand value and risk. Vishal Salvi explains how the right cybersecurity strategy protects both brands and customers. Continue Reading

Rise in ransom payments may fuel more dangerous attacks

A new report from Coveware found that ransom payments increased significantly in Q1 this year, as did ransomware actors' use of software vulnerabilities in attacks. Continue Reading

Applying web application reconnaissance to offensive hacking

Learn how to apply web application reconnaissance fundamentals to improve both offensive and defensive hacking skills in an excerpt of 'Web Application Security' by Andrew Hoffman. Continue Reading

Collaboration is key to a secure web application architecture

Author Andrew Hoffman explains the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers. Continue Reading

Remaining Emotet infections uninstalled by German police

A German federal police action led to all infections of Emotet malware being uninstalled Sunday, following an international police takeover of Emotet infrastructure in January. Continue Reading

Hackers targeting VPN vulnerabilities in ongoing attacks

As remote work increased during the pandemic, threat actors increasingly targeted known vulnerabilities. Continue Reading

How cloud monitoring dashboards improve security operations

Cloud monitoring dashboards can help security teams achieve visibility in complex, sprawling environments. Learn about cloud-native, third-party and open source deployment options. Continue Reading

DOJ creates ransomware task force to combat digital extortion

An internal memo from the DOJ said the task force will 'bring the full authorities and resources of the Department' in order to confront the growing threat of ransomware. Continue Reading

Zero-day flaw in Pulse Secure VPN exploited in attacks

A remote code execution vulnerability found in Pulse Secure VPN appliances has been exploited in attacks affecting government, defense and financial organizations. Continue Reading

Hackers exploit 3 SonicWall zero-day vulnerabilities

SonicWall patched the zero-day vulnerabilities earlier this month, but the security vendor didn't disclose they were being exploited until Tuesday. Continue Reading

The wide web of nation-state hackers attacking the U.S.

Cybersecurity experts weigh in on what it means to be a nation-state hacker, as well as the activities and motivations of the 'big four' countries attacking the U.S. Continue Reading

6 SSH best practices to protect networks from attacks

SSH is essential, but default installations can be costly. Auditing and key management are among critical SSH best practices to employ at any organization. Continue Reading

Companies must train their SOC teams well to prevent breaches

SOC teams can have all the latest and greatest cybersecurity tools, but unless they have the proper training, it won't be enough to mitigate an attack. Continue Reading

Risk & Repeat: FBI's web shell removal raises questions

The FBI accessed computers -- without the knowledge or consent of the owners -- to remove hundreds of web shells placed in vulnerable Microsoft Exchange servers. Continue Reading

Applus inspection systems still down following malware attack

Applus Technologies said it stopped a malware attack two weeks ago, but systems are still down as eight states are forced to extend vehicle inspection dates. Continue Reading

Nation-state hacker indictments: Do they help or hinder?

While there are some benefits to filing criminal charges against nation-state actors, infosec experts say thus far, indictments haven't reduced cyber attacks. Continue Reading

Unify on-premises and cloud access control with SDP

One security framework available to organizations struggling with on-premises and cloud access control issues is a software-defined perimeter. Learn how SDP can help. Continue Reading

Get to know cloud-based identity governance capabilities

As enterprise cloud adoption increases, the market for cloud identity governance is expected to expand. Learn more about the use cases, benefits and available product options. Continue Reading

5 cybersecurity testing areas CISOs need to address

With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading

FBI removes web shells from infected Exchange servers

The DOJ announced the FBI had successfully removed hundreds of web shells from computers impacted by ProxyLogon and related Exchange Server vulnerabilities. Continue Reading

Sample CCISO exam questions on security project management

This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions. Continue Reading

CCISO exam guide authors discuss the changing CISO role

Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape. Continue Reading

NSA finds new Exchange Server vulnerabilities

Microsoft said it has not seen the new Exchange Server vulnerabilities being used in attacks against customers, but customers are still advised to patch immediately. Continue Reading