Business Management: Security Support and Executive Communications

Zero Day Initiative launches new bug disclosure timelines

The Trend Micro Zero Day Initiative's vulnerability disclosure policy will now mandate shorter disclosure windows for flaws believed to result from bypassed security patches. Continue Reading

Why 2023 is the year of passwordless authentication

Passwords may soon be relegated to the past thanks to IAM vendors' efforts to create passwordless login options. Here's why 2023 should be the year of passwordless authentication. Continue Reading

How CI/CD pipelines are putting enterprise networks at risk

At Black Hat USA 2022, NCC Group researchers demonstrated how threat actors can compromise CI/CD pipelines and break out into enterprise networks and cloud environments. Continue Reading

Google researchers dissect Android spyware, zero days

Researchers with Google's Threat Analysis Group say the ecosystem of surveillance vendors is far larger than just NSO Group, and some vendors are sharing or trading exploits. Continue Reading

What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading

Ermetic addresses IAM weaknesses in multi-cloud environments

Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers. Continue Reading

Chris Krebs: It's still too hard to work with the government

Former CISA Director Chris Krebs offered multiple areas of improvement to the U.S. government's cyber readiness during a Black Hat 2022 keynote. Continue Reading

Compare SAST vs. DAST vs. SCA for DevSecOps

SAST, DAST and SCA DevSecOps tools can automate code security testing. Discover what each testing method does, and review some open source options to choose from. Continue Reading

Industroyer2: How Ukraine avoided another blackout attack

A Black Hat 2022 session explained how the latest attack on Ukraine's energy grid was thwarted this spring, thanks to quick responses and timely sharing of threat data. Continue Reading

Is ethical hacking legal? And more ethical hacking advice

Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker. Continue Reading

Ethical hacking: How to conduct a Sticky Keys hack

Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack. Continue Reading

Cloud database security: Key vendor controls, best practices

If your company is using a cloud database, it's critical to stay on top of security. Review the security features offered by top cloud providers, plus some best practices. Continue Reading

U.S. sanctions another cryptocurrency mixer in Tornado Cash

The U.S. Treasury Department issued sanctions against Tornado Cash, a cryptocurrency mixer accused of helping North Korea's Lazarus Group launder stolen funds. Continue Reading

10 top open source security testing tools

From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading

VMware: The threat of lateral movement is growing

The majority of incident response professionals surveyed for VMware's 'Global Incident Response Threat Report' observed lateral movement in at least some attacks in the past year. Continue Reading

Guide to the latest Black Hat 2022 Conference news

This Black Hat 2022 guide offers readers breaking news, trending topics and technical expert insights from one of the leading cybersecurity conferences. Continue Reading

5 data security challenges enterprises face today

Data empowers enterprises to succeed. But with great power comes great responsibility -- to keep that data secure. Here are five challenges today's businesses must meet. Continue Reading

Importance of enterprise endpoint security during a pandemic

Enterprises often focus greatly on communications security and less on endpoint security. Review the importance of enterprise endpoint security and best practices to implement it. Continue Reading

Cybersecurity lessons learned from COVID-19 pandemic

Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading

Amazon CSO Steve Schmidt talks prescriptive security for AWS

In part two of this Q&A, Amazon CSO Steve Schmidt discusses why AWS has taken a more prescriptive approach to customer security and how it influences areas like incident response. Continue Reading

Amazon CSO Steve Schmidt preaches fungible resources, MFA

In a Q&A with SearchSecurity, Amazon CSO Steve Schmidt discusses his time as head of AWS security and shifts the cloud provider made to improve its posture, as well as customers'. Continue Reading

Thoma Bravo to acquire Ping Identity for $2.8B

Thoma Bravo's bid is expected to close in the fourth quarter of 2022. Ping Identity's purchase price represents a 63% premium over the vendor's closing price Tuesday. Continue Reading

New Microsoft tools aim to protect expanding attack surface

New security concerns have arisen around initial attack vectors and visibility into a broader attack surface as companies have moved to the cloud, according to Microsoft. Continue Reading

July another down month in ransomware attack disclosures

July saw a similar number of ransomware attack disclosures as June, previously the sparsest month for disclosures this year, according to SearchSecurity's data. Continue Reading

Data masking vs. data encryption: How do they differ?

Discover how the data security techniques of data masking and data encryption compare, while also learning about different types of both and their use cases. Continue Reading

The importance of data security in the enterprise

Three industry experts discuss the criticality of data security in the enterprise, including the significance of data breaches and compliance regulations. Continue Reading

10 enterprise database security best practices

Beyond protecting enterprise databases from vulnerabilities, it is critical to improve and review their security on a regular basis. Learn more with these database security best practices. Continue Reading

Top 10 UEBA enterprise use cases

The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading

10 biggest data breaches in history, and how to prevent them

Did you know the biggest data breach in history exposed a whopping 3 billion records? Learn more about the largest data breaches and get advice on how to prevent similar attacks. Continue Reading

Coveware: Median ransom payments dropped 51% in Q2

Coveware hypothesized that large enterprises are making themselves more expensive targets for ransomware gangs and refusing to give into high demands. Continue Reading

SSH key management best practices and implementation tips

SSH connects key systems and the people and processes necessary to keep them functioning. Learn how to use SSH key management best practices to protect your systems and network. Continue Reading

How to perform a data risk assessment, step by step

Organizations need confidence that they are properly identifying and protecting sensitive data. Follow these five steps to create a data risk assessment. Continue Reading

Microsoft: Austrian company DSIRF selling Subzero malware

Microsoft said Austrian penetration testing firm DSIRF exploited multiple zero-day vulnerabilities, including the recently patched CVE-2022-22047. Continue Reading

How to prevent a data breach: 10 best practices and tactics

When it comes to data breach prevention, the stakes are high. While it's impossible to eliminate the risk, organizations can minimize it by following these best practices. Continue Reading

How to develop a data breach response plan: 5 steps

A data breach response plan outlines how a business will react to a breach. Follow these five steps, and use our free template to develop your organization's plan. Continue Reading

AWS adds anti-malware and PII visibility to storage

New tools unveiled by AWS at re:Inforce 2022 add new anti-malware capabilities to AWS block storage and a way to find personally identifiable information with S3 object storage. Continue Reading

How to secure data at rest, in use and in motion

With internal and external cyber threats on the rise, check out these tips to best protect and secure data at rest, in use and in motion. Continue Reading

SSH2 vs. SSH1 and why SSH versions still matter

The Secure Shell protocol, SSH, was redesigned and released as SSH2 in 2006. While SSH1 lingers for legacy uses, find out how the protocols differ and why it's important. Continue Reading

AWS issues MFA call to action at re:Inforce 2022

To reduce growing attack surfaces in the cloud, AWS executives emphasized the importance of implementing MFA to protect accounts and blocking public access to cloud resources. Continue Reading

3 ways to help cybersecurity pros avoid burnout

Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading

CrowdStrike launches cloud threat hunting service

Launched at AWS re:Inforce 2022, CrowdStrike's Falcon OverWatch Cloud Threat Hunting is a standalone threat hunting service built to stop advanced threats from within the cloud. Continue Reading

Top 10 enterprise data security best practices

To protect your organization's data and prevent its misuse, incorporate these 10 data security best practices into your enterprise data security strategy. Continue Reading

Symmetric vs. asymmetric encryption: What's the difference?

Explore the differences between symmetric vs. asymmetric encryption, including how they work and common algorithms, as well as their pros and cons. Continue Reading

NCC Group observes a drop in ransomware attacks -- for now

Changes in top ransomware-as-a-service groups like LockBit 2.0 and Conti accounted for the decline in activity, though NCC Group anticipates attacks will ramp back up. Continue Reading

Atlassian Confluence plugin contains hardcoded password

A flaw in Questions for Confluence, a first-party application in Atlassian Confluence, contains a hardcoded password enabling access into any vulnerable instance. Continue Reading

How to create a data security policy, with template

Are you looking to create or update your organization's data security policy? Learn about the key elements of a data security policy, and use our free template to get started. Continue Reading

SynSaber: Only 41% of ICS vulnerabilities require attention

The industrial cybersecurity vendor analyzed 681 ICS vulnerabilities that were disclosed this year and found many had a low probability of exploitation. Continue Reading

DOJ report warns of escalating cybercrime, 'blended' threats

The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading

VMDR: Inside vulnerability management, detection and response

VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool? Continue Reading

Sophos launches cross-operational task force X-Ops

The Sophos X-Ops team aims to create an AI-assisted security operations center using the cybersecurity vendor's research and threat response teams. Continue Reading

Cyber-war game case study: Preparing for a ransomware attack

In this real-world cyber-war game case study, an exercise on ransomware preparedness helped a company discover shortcomings in its incident response plan. Continue Reading

Key factors to achieve data security in cloud computing

Enterprises face a variety of data security concerns when deploying assets to the cloud. But there are some guidelines you can follow to make sure your assets are protected. Continue Reading

Cryptocurrency mixer activity reaches new heights in 2022

Chainalysis observed a stark uptick in April that led to a steady decline in May and June, but illicit addresses and DeFi platforms have kept mixers busy so far this year. Continue Reading

Risk & Repeat: Ransomware in 2022 so far

This podcast episode discusses ransomware in 2022, including an apparent decrease in attacks, the evolution of cybercrime operations and the lack of visibility into the threat. Continue Reading

Pen testing vs. vulnerability scanning: What’s the difference?

Confused by the differences between pen tests and vulnerability scans? You're not alone. Learn the key differences between the two and when each should be used. Continue Reading

Cryptocurrency crash triggers crisis for dark web exchanges

Cybersixgill says dark web exchanges that help cybercriminals launder their funds are facing a crisis as users are cashing out amid a cryptocurrency price crash. Continue Reading

3 steps for getting started with security service edge

Before getting started with security service edge (SSE), formulate a migration strategy. Check out these three expert tips for tackling SSE with maximum efficiency and ease. Continue Reading

SecOps vs. CloudSecOps: What does a CloudSecOps team do?

Now, more than ever, organizations need to build controls, monitor and enact security response activities for the cloud. This is where the CloudSecOps team comes into play. Continue Reading

Researcher develops Hive ransomware decryption tool

Despite being only a year old, Hive ransomware has grown into a prominent ransomware-as-a-service operator. The decryptor tackles Hive's newer, better-encrypted version. Continue Reading

Supreme Court justices doxxed on dark web

Five conservative Supreme Court justices were reportedly doxxed by threat actors that claim to have obtained credit card numbers, addresses and other information. Continue Reading

4 critical flaws among 84 fixes in July Patch Tuesday

Microsoft's Patch Tuesday release for July brought dozens of fixes for security flaws in Windows, an Azure disaster recovery tool and the problematic Print Spooler service. Continue Reading

How to use SSH tunnels to cross network boundaries

The Secure Shell protocol authenticates and encrypts network connections. Find out how it's used to build tunnels while crossing private networks and even firewalls. Continue Reading

Clearing up cybersecurity architecture confusion, challenges

There's no lack of cybersecurity frameworks, but there is a lack of resources to help small and midsize organizations build a cybersecurity architecture -- until now. Continue Reading

4 criteria to measure cybersecurity goal success

Measuring the success of cybersecurity goals is challenging because they are components of larger goals and often probabilistic rather than deterministic. Continue Reading

Top 7 types of data security technology

These seven types of data security technologies -- from encryption to masking -- will better protect customer and enterprise data from inappropriate and unauthorized access and use. Continue Reading

Early detection crucial in stopping BEC scams

Cofense Intelligence studied hundreds of business email compromise attacks and found that most scams attempt to establish trust with targeted employees over multiple emails. Continue Reading

How to create a critical infrastructure incident response plan

Does your organization have an incident response plan for disruptions to critical infrastructure? Learn how to write a successful plan for your company. Continue Reading

Public sector still facing ransomware attacks amid decline

While ransomware activity has reportedly decreased worldwide in recent months, several public sector organizations in the U.S. suffered attacks in June. Continue Reading

5G networks vulnerable to adversarial ML attacks

A team of academic researchers introduced an attack technique that could disrupt 5G networks, requiring new ways to protect against adversarial machine learning attacks. Continue Reading

HackerOne incident raises concerns for insider threats

While the threat actor's motivation appears to be financial, it shows just how damaging an insider threat could be for vulnerability disclosure and bug bounty systems. Continue Reading

Ransomware in 2022: Evolving threats, slow progress

Experts say trends involving new forms of leverage, increasing numbers of affiliates and the evolving cyber insurance market are shaping the ransomware landscape in 2022. Continue Reading

How to write a cybersecurity job posting

Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading

How to define cyber-risk appetite as a security leader

In this excerpt from 'The CISO Evolution: Business Knowledge for Cybersecurity Executives,' learn how to define and communicate an enterprise's true cyber-risk appetite. Continue Reading

How to find your niche in cybersecurity

It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading

A 'CISO evolution' means connecting business value to security

As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading

SANS Institute: Human error remains the top security issue

The SANS Institute's annual report on security awareness found that human risk is still the biggest source of data breaches and security issues for enterprises. Continue Reading

How to conduct a cyber-resilience assessment

It's a good cyber hygiene practice to periodically review your organization's cybersecurity plans and procedures. Use this checklist to guide your cyber-resilience assessment. Continue Reading

Ransomware gangs using Log4Shell to attack VMware instances

Ransomware groups are exploiting the Log4Shell flaw in VMware Horizon and using DLL sideloading techniques to exfiltrate and encrypt data, according to Trend Micro. Continue Reading

Cisco Talos techniques uncover ransomware sites on dark web

One of the three techniques Cisco Talos used to de-anonymize ransomware dark web sites is to match TLS certificate serial numbers from dark web leak sites to the clear web. Continue Reading

Why the next-gen telecom ecosystem needs better regulations

The telecom industry keeps the world connected but also poses national and cybersecurity risks. Learn why the sector needs better -- and uniform -- regulations. Continue Reading

Wiz launches open database to track cloud vulnerabilities

Wiz researchers Alon Schindel and Amitai Cohen and Scott Piper, cloud security engineer at Block, launched a database to list all known cloud vulnerabilities and security issues. Continue Reading

Negotiating a golden parachute clause in a CISO contract

If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading

How to determine out-of-scope bug bounty assets

What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.' Continue Reading

An enterprise bug bounty program vs. VDP: Which is better?

Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground. Continue Reading

Top 4 best practices to secure the SDLC

NIST's Secure Software Development Framework is a set of practices for mitigating software vulnerabilities. Learn about the top SDLC best practices included in this framework. Continue Reading

Researchers criticize Oracle's vulnerability disclosure process

While the critical flaws were reported in April, it took the vendor nearly half a year to issue patches, exceeding the standard responsible coordinated disclosure policy. Continue Reading

Chinese HUI Loader malware ups the ante on espionage attacks

A state-sponsored piece of malware may become a favorite weapon for Beijing-backed hacking crews looking to lift intellectual property from foreign firms. Continue Reading

3 threats dirty data poses to the enterprise

The Information Security Forum predicted dirty data will pose three threats to the enterprise. Learn about these threats, and get tips on how to protect your organization from them. Continue Reading

Use ssh-keygen to create SSH key pairs and more

Learn how to use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more in this tutorial. Continue Reading

Access management issues may create security holes

Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches. Continue Reading

Ongoing PowerShell security threats prompt a call to action

Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely. Continue Reading

Kaspersky unveils unknown APT actor 'ToddyCat'

The origin of 'ToddyCat' is unknown. However, Kaspersky said the APT actor carries similarities with a number of Chinese-speaking threat groups. Continue Reading

What's driving converged endpoint management and security?

Security and IT teams face challenges in managing and securing a growing number of endpoints, which is driving organizations to look for converged capabilities, according to ESG. Continue Reading

Publicly disclosed U.S. ransomware attacks database

Each day SearchSecurity looks for every publicly available instance of a ransomware attack in the U.S. and compiles this data into a list to keep readers updated on recent threats. Continue Reading

Proofpoint: Social engineering attacks slipping past users

Executives, administrators and network defenders overlook the severity of many of the most effective social engineering tools, Proofpoint cautions. Continue Reading

How to address security risks in GPS-enabled devices

GPS-enabled devices not only pose personal risks but also pose risks to organizations. Learn about the security risks associated with tracking devices and how to address them. Continue Reading

Forescout discloses 'OT:Icefall,' 56 flaws from 10 vendors

The OT:Icefall vulnerabilities come from 10 operational technology vendors that make hardware for critical infrastructure, including Emerson, Honeywell, Motorola and more. Continue Reading

Key software patch testing best practices

Every company has to update and patch its software, but unless the process is carefully managed, serious problems can occur. How can you make sure you're following the right steps? Continue Reading

Cleveland BSides takes heat for Chris Hadnagy appearance

The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct. Continue Reading

Paige Thompson found guilty in 2019 Capital One data breach

The former Amazon engineer who hacked AWS and gained access to sensitive data belonging to Capital One customers has been convicted. Continue Reading