(IN)SECURE Magazine Notifications RSS

ISACA Blockchain Framework and Guidance: Helping enterprises adopt the emerging tech

2 months 3 weeks ago

Blockchain has many enterprise applications that go beyond cryptocurrency, including smart contracts, supply chain, and healthcare records. To help tech professionals get a stronger grasp on the important technology and how to leverage it within their own organizations, ISACA has released two new resources: Blockchain Framework and Guidance and Blockchain: An Executive View. Blockchain Framework and Guidance offers a comprehensive blockchain reference, including overview, history, information about types and their benefits and features, as well … More →

The post ISACA Blockchain Framework and Guidance: Helping enterprises adopt the emerging tech appeared first on Help Net Security.

Industry News

Mindtree launches Microsoft go-to-market business unit, accelerates cloud business

2 months 3 weeks ago

Mindtree announced the launch of a dedicated Microsoft go-to-market business unit centered on building new solutions based on Microsoft platforms and technologies, as well as developing the next generation of talent across the Mindtree organization globally. The Microsoft go-to-market business unit is a component of Mindtree’s multi-tiered initiative to support the continued demand of cloud services and solutions. Mindtree will also expand its Global Azure Experience Center in Redmond, WA and will leverage its Microsoft … More →

The post Mindtree launches Microsoft go-to-market business unit, accelerates cloud business appeared first on Help Net Security.

Industry News

ADVA unveils set of edge and access network synchronization devices for next-gen apps

2 months 3 weeks ago

ADVA launched a unique set of edge and access network synchronization devices with enhanced capabilities for next-generation applications such as 5G. The latest Oscilloquartz solutions address key challenges for a wide range of industries by bringing new levels of timing accuracy and resilience to edge networks. The OSA 5412 and 5422 offer precise phase, frequency and time-of-day synchronization and can be used for time-as-a-service applications. For the first time, communication service providers, enterprises, broadcast networks … More →

The post ADVA unveils set of edge and access network synchronization devices for next-gen apps appeared first on Help Net Security.

Industry News

Arrow Electronics Security Starter Kit helps IoT device companies build and deliver secure connected devices

2 months 3 weeks ago

Arrow Electronics announced a Security Starter Kit suite that integrates various wireless solutions and single-board computers (SBCs) with the OPTIGA TPM2.0 and OPTIGA Trust M security solutions from Infineon Technologies AG. The kit provides companies seeking to add security to their end products with a straightforward security implementation path with Root of Trust capabilities. Connecting to cloud services is simplified with AWS IoT Greengrass and AWS IoT Core integrations. “Over the past five years, we’ve … More →

The post Arrow Electronics Security Starter Kit helps IoT device companies build and deliver secure connected devices appeared first on Help Net Security.

Industry News

Bastille awarded a Phase 5 OTA from DHS

2 months 3 weeks ago

Bastille announced it has been awarded a Phase 5 Other Transaction Agreement (OTA) from the Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Silicon Valley Innovation Program (SVIP). The funding continues the ongoing partnership that began in January 2017, in which Bastille helps to secure government organizations through its patented software-defined radio and machine-learning technology that senses, identifies and localizes threats from RF devices. “Government agencies are under constant threat of a cyberattack … More →

The post Bastille awarded a Phase 5 OTA from DHS appeared first on Help Net Security.

Industry News

Entrust nShield HSMs delivers enhanced security to the Mirantis Kubernetes Engine

2 months 3 weeks ago

Entrust has announced its new partnership with Mirantis and the certification of its nShield hardware security modules (HSMs) with the Mirantis Kubernetes Engine. Entrust nShield HSMs become the first Mirantis-certified HSMs in the market to deliver enhanced security to the Mirantis Kubernetes Engine. The new certified integration provides a root of trust, enabling developers to add the robust cryptographic services offered by nShield HSMs to containerized applications. The Mirantis Kubernetes Engine is a container platform … More →

The post Entrust nShield HSMs delivers enhanced security to the Mirantis Kubernetes Engine appeared first on Help Net Security.

Industry News

Secure enclave protection for AI and ML

2 months 3 weeks ago

You can’t swing a virtual bat without hitting someone touting the value of artificial intelligence (AI) and machine learning (ML) technologies to transform big data and human expertise. A new generation of businesses is promising to accelerate and automate decision making. Most countries, including the United States, view AI technology as critical to retaining or establishing global business leadership. The promise and value of AI and ML rank equal or higher to other intellectual property … More →

The post Secure enclave protection for AI and ML appeared first on Help Net Security.

Help Net Security

More than half of organizations don’t have an insider risk response plan

2 months 3 weeks ago

Both business and security leaders are allowing massive insider risk problems to fester in the aftermath of the significant shift to remote work in the past year, according to a Code42 report. During that same time, 76% of IT security leaders said that their organizations have experienced one or more data breaches involving the loss of sensitive files and 59% said insider threat will increase in the next two years primarily due to users having … More →

The post More than half of organizations don’t have an insider risk response plan appeared first on Help Net Security.

Help Net Security

Countries that retaliate too much against cyberattacks make things worse for themselves

2 months 3 weeks ago

During the opening ceremonies of the 2018 Winter Olympics, held in PyeongChang, South Korea, Russian hackers launched a cyberattack that disrupted television and internet systems at the games. The incident was resolved quickly, but because Russia used North Korean IP addresses for the attack, the source of the disruption was unclear in the event’s immediate aftermath. There is a lesson in that attack, and others like it, at a time when hostilities between countries increasingly … More →

The post Countries that retaliate too much against cyberattacks make things worse for themselves appeared first on Help Net Security.

Help Net Security

42% of security leaders said the pandemic has changed their cybersecurity priorities

2 months 3 weeks ago

Fudo Security published the results of it survey, enlisting the unique perspectives of a diverse, select group of CISOs, senior cybersecurity executives and industry decision-makers from around the globe including the US, Europe, Asia and MENA. More than 42% said the pandemic has changed their cybersecurity priorities. Survey respondents reported that more than 77% of their employees have been working remotely this year and they expect this to continue and not ask employees to return … More →

The post 42% of security leaders said the pandemic has changed their cybersecurity priorities appeared first on Help Net Security.

Help Net Security

High-risk vulnerabilities discovery increased 65% in 2020

2 months 3 weeks ago

2020 has been a record year for crowdsourced cybersecurity adoption, with enterprises across all industries implementing crowdsourced cybersecurity programs to keep up with the evolving threat landscape. High-risk vulnerabilities discovery Bugcrowd saw a 50% increase in submissions on its platform in the last 12 months, including a 65% increase in Priority One (P1) submissions, which refer to the most critical security vulnerabilities. The report gives a comprehensive view of how COVID-19 redefined cybersecurity practices across … More →

The post High-risk vulnerabilities discovery increased 65% in 2020 appeared first on Help Net Security.

Help Net Security

CipherCloud helps prevent unintended cloud misconfigurations that lead to data loss

2 months 3 weeks ago

CipherCloud announced that it has formally introduced its Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) solutions capabilities. This new offering enables CipherCloud customers to prevent unintended cloud misconfigurations that lead to data loss, while enabling more consistent compliance with industry standards such as GDPR, CCPA, HIPAA and PCI. Delivered as an integrated component of the market-leading CASB+ solution, CipherCloud CSPM and SSPM directly address the leading cause of cloud security and … More →

The post CipherCloud helps prevent unintended cloud misconfigurations that lead to data loss appeared first on Help Net Security.

Industry News

FACEPOINT enhances NICE Actimize’s AML screening and KYC solutions

2 months 3 weeks ago

NICE Actimize announced that FACEPOINT has joined the X-Sight Marketplace, bringing its facial recognition technology for advanced KYC and watch list risk screening to the ecosystem. NICE Actimize’s X-Sight Marketplace, which has grown to include more than 60 technology partners, is the first financial crime and compliance ecosystem that connects financial services organizations with data, applications, tools and service providers, providing both the value of choice and the ability to reduce integration timelines. Until recently, … More →

The post FACEPOINT enhances NICE Actimize’s AML screening and KYC solutions appeared first on Help Net Security.

Industry News

SoftServe achieves AWS Migration Competency status for helping businesses move to AWS

2 months 3 weeks ago

SoftServe has achieved AWS Migration Competency status. This designation recognizes SoftServe’s expertise in helping businesses successfully move to AWS through all phases of complex migration projects, including discovery, planning, migration, and operations. The AWS Migration Competency marks SoftServe’s sixth AWS Competency designation, following the AWS Retail Competency, AWS SaaS Competency, AWS Financial Services Competency, AWS DevOps Competency, and AWS Data & Analytics Competency. “The AWS Migration Competency highlights our proficiency in guiding customers through their … More →

The post SoftServe achieves AWS Migration Competency status for helping businesses move to AWS appeared first on Help Net Security.

Industry News

Hackers breached U.S. government agencies via compromised SolarWinds Orion software

2 months 3 weeks ago

A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), other government agencies and private sector companies (including, apparently, FireEye) via compromised SolarWinds Orion software. A supply chain attack According to reports by FireEye and Microsoft, the hacking group managed to insert a backdoor (signed with SolarWinds’ legitimate certificates) into a DLL file used by the SolarWinds Orion platform, which organizations use for … More →

The post Hackers breached U.S. government agencies via compromised SolarWinds Orion software appeared first on Help Net Security.

Zeljka Zorz

Cisco re-patches wormable Jabber RCE flaw

2 months 3 weeks ago

In September 2020, Cisco patched four Jabber vulnerabilities (including one wormable RCE flaw), but as it turns out, three of four have not been sufficiently mitigated. The incompleteness of the patches was discovered by Watchcom researchers – who discovered and disclosed the batch of vulnerabilities made public in September – after one of their clients requested they verify the effectiveness of Cisco’s patches. A wormable Jabber RCE and more “Cisco released a patch that fixed … More →

The post Cisco re-patches wormable Jabber RCE flaw appeared first on Help Net Security.

Zeljka Zorz

How to make DevSecOps stick with developers

2 months 3 weeks ago

While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has allowed for new features and applications to be rolled out at such speed that traditional security practices simply aren’t able to keep up. The other problem is that the security testing that does occur (e.g., penetration testing and code reviews), usually takes place towards the end of the … More →

The post How to make DevSecOps stick with developers appeared first on Help Net Security.

Help Net Security

Three signs your SOC is ready for XDR

2 months 3 weeks ago

Over the past year, there’s been a movement growing in the industry towards Extended Detection and Response, or XDR. While a few offerings represent broad portfolio consolidation and convergence towards packaging multiple solutions into one, there’s an undeniable demand for a more outcome-oriented approach to threat detection and response. While most attacks continue to compromise and persist on the endpoint, today’s adversaries don’t really care if they need to traverse between endpoints, SaaS solutions, identities, … More →

The post Three signs your SOC is ready for XDR appeared first on Help Net Security.

Help Net Security

What’s at stake in the Computer Fraud and Abuse Act (CFAA)

2 months 3 weeks ago

Two weeks ago, the Supreme Court heard oral arguments in Van Buren vs. United States, the landmark case over the Computer Fraud and Abuse Act (CFAA). Nathan Van Buren, the petitioner in the case, is a former police officer in Georgia who used his lawful access to a police license plate database to look someone up in exchange for money. Van Buren was indicted and convicted of violating the CFAA for using his legal access … More →

The post What’s at stake in the Computer Fraud and Abuse Act (CFAA) appeared first on Help Net Security.

Help Net Security

Third-party online assets a growing security risk for retailers

2 months 3 weeks ago

83% of the top U.S. retailers have connections to a vulnerable third-party asset, and 43% have vulnerabilities that pose an immediate cybersecurity risk, Cyberpion reveals. In addition, the company found that 30% of these retailers have an asset that either was, or is currently being abused, in an active hacking campaign, and 23% have a compromised asset that is under the control of attackers. “This holiday season is a perfect storm for the retail industry … More →

The post Third-party online assets a growing security risk for retailers appeared first on Help Net Security.

Help Net Security