IT and Security - Information Management Today

Why Your VPN May Not Be As Secure As It Claims

Krebs on Security

MAY 6, 2024

But researchers at Leviathan Security say they’ve discovered it’s possible to abuse an obscure feature built into the DHCP protocol so that other users on the local network are forced to connect to a rogue DHCP server. Image: Shutterstock. “This is intended functionality that isn’t clearly stated in the RFC [standard]. .

IT

IT Security Encryption Passwords

RSAC Fireside Chat: Flexxon advances hardware-level security with its ‘Server Defender’ module

The Last Watchdog

MAY 16, 2024

Related: World’s largest bank hit by ransomware attack While software solutions dominated RSA Conference 2024 and are essential for multi-layered defense of an expanding network attack surface, hardware security solutions can serve as a last line of defense against unauthorized access to sensitive data and tampering with systems.

IT

IT Security Ransomware Cybersecurity

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Krebs on Security

JUNE 8, 2023

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. The Barracuda Email Security Gateway (ESG) 900 appliance. Campbell, Calif.

IT

IT Security Ransomware Encryption

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

New Rules for Shipbuilding Focus on IT/OT Cybersecurity

Data Breach Today

APRIL 4, 2024

New IACS Rules to Secure Onboard Digital Systems, Equipment Go Into Effect July 1 IT and OT security experts say threats to shipping underscore the need for more stringent regulations for passenger, cargo and high-speed vessels by the International Association of Classification Societies.

Cybersecurity

Cybersecurity IT Security

7 Pitfalls for Apache Cassandra in Production

Overlooking Security Considerations. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance. The topics covered include: Using Cassandra as if it were a Relational Database. Managing Delete Heavy Workloads. Running Unoptimized Queries.

Security

Choosing the right IT security partner: How Jamf fulfills your IT security need

Jamf

APRIL 17, 2024

Learn how choosing the right partner for your security needs can veritably make or break your cybersecurity plan. Also, gain a better understanding of how Jamf solutions integrate to address the challenges of the modern threat landscape through Trusted Access for top-to-bottom and end-to-end protection of your enterprise.

IT

IT Security Cybersecurity Access

Microsoft Overhauls Security Practices After Major Breaches

Data Breach Today

MAY 6, 2024

Company Plans to Link Executive Compensation to Achieving Security Milestones The executive vice president for Microsoft Security has announced an overhaul of the company's security practices following a series of high-profile cyberattacks that allowed foreign state-sponsored hacking groups to access its internal systems and cloud networks.

Security

Security Cloud Access IT

CIA Finds It Failed to Secure Its Own Systems

Data Breach Today

JUNE 17, 2020

Senator Wyden Releases CIA's Own 2017 Report Into Leak of 'Vault 7' Hacking Tools An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked (..)

IT

IT Security Data breaches

Why Cybereason Is Making Its 3rd Round of Layoffs Since 2022

Data Breach Today

MARCH 20, 2024

Among the exiting employees is Zohar Alon, the longtime Dome9 Security leader who joined Cybereason just 11 months ago as president of product and research and development.o joined Cybereason just 11 months ago as president of product and research and development.

IT

IT Security

The Essential Guide to Analytic Applications

We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges.

Analytics

Is Microsegmentation for Zero Trust Defenses Worth It?

Data Breach Today

FEBRUARY 27, 2024

Forrester's David Holmes on Why CISOs Must Evaluate Microsegmentation in Cloud Microsegmentation is a fundamental concept in zero trust security, but CISOs should assess its feasibility before diving in.

IT

IT Cloud Security

French Security Firm Says Hackers Accessed Its Source Code

Data Breach Today

FEBRUARY 5, 2021

Stormshield Is a Major Supplier of Security Products to the French Government French security vendor Stormshield has launched an investigation after an internal review found that hackers accessed the source code of the company's network security product.

Access

Access Security IT Government

Feds Tackling Information Security in Government Procurement

Data Breach Today

APRIL 1, 2024

GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems.

Information Security

Information Security Government Security Cybersecurity

Boosting Security Resilience and Defending the IT Ecosystem

Data Breach Today

JUNE 9, 2022

Jeetu Patel of Cisco Discusses the Critical Ability to 'Bounce Back' From Incidents With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.

Financial Services

Financial Services Security IT Risk

7 Questions Every App Team Should Ask

Which sophisticated analytics capabilities can give your application a competitive edge? In its 2020 Embedded BI Market Study, Dresner Advisory Services continues to identify the importance of embedded analytics in technologies and initiatives strategic to business intelligence.

Analytics

Good Governance: 'It's All Hygiene'

Data Breach Today

NOVEMBER 30, 2023

In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."

Government

Government IT Security

Florida City's Water Hack: Poor IT Security Laid Bare

Data Breach Today

FEBRUARY 11, 2021

The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.

IT

IT Passwords Security Access

Florida's Water Hack: Poor IT Security Laid Bare

Data Breach Today

FEBRUARY 10, 2021

The incident is likely to raise questions over the vulnerability of critical infrastructure in small towns on slim IT security budgets.

IT

IT Security Passwords Access

Google Cloud NGFW Enterprise - Simplicity, Scale, Security

Data Breach Today

MAY 15, 2024

Palo Alto Networks and Google Cloud Execs on Power of Security Solution Partnership The move to cloud offers numerous benefits, but cloud apps and multi-cloud environments add complexity to defending IT environments.

Cloud

Cloud Security IT

Embedded Analytics Insights for 2024

From data security to generative AI, read the report to learn what developers care about including: Why organizations choose to build or buy analytics How prepared organizations are in 2024 to use predictive analytics & generative AI Leading market factors driving embedded analytics decision-making

Analytics

Cisco addressed severe flaws in its Secure Client

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338.

Security

Security IT Authentication Libraries

Assessing the Privacy, Security Risks of Digital Health IT

Data Breach Today

JULY 18, 2022

A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.

Risk

Risk Privacy Security IT

Okta to Acquire Spera Security

Data Breach Today

DECEMBER 19, 2023

Okta Says Acquisition Will Expand Its Ability to Detect High-Risk Accounts Okta finalized an agreement to acquire Spera Security, saying the purchase will expand its ability to track risky accounts and access misconfigurations.

Security

Security Risk Access IT

Honeywell's James DeLuccia on Product Security vs IT Defense

Data Breach Today

OCTOBER 31, 2022

Consistency Is the Objective in IT Security, But Product Security Must Be Flexible Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product (..)

IT

IT Security

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Navigating the complex world of IT security: how unified security simplifies protection

Jamf

MARCH 20, 2024

Securing your organization is a difficult task. Learn how a unified security platform makes security easier. Choosing the right software solutions can help.

Security

Security IT

Iranian Hackers Target Israeli Logistics and IT Companies

Data Breach Today

NOVEMBER 9, 2023

Iranian Espionage Group Used Tactics From Previous Campaigns Security company CrowdStrike said it had observed Iranian hacker group Imperial Kitten, also known as TA456, Crimson Sandstorm and Tortoiseshell, conducting web compromise operations between 2022 and 2023 to infiltrate Israeli logistics, transportation and technology companies.

IT

IT Security

Best Practices to Pass an IT Security Audit

Data Breach Today

APRIL 5, 2023

Josh Hankins of Qualys on Tips and Tricks He Learned as a Practitioner Before he became a chief technical security officer at Qualys, Josh Hankins was a cybersecurity leader in financial services. He learned how security audit failures are increasingly costly, and he devised new strategies for audit preparation.

Financial Services

Financial Services Security IT Cybersecurity

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, and 22.5R1.1); Policy Secure version 22.5R1.1;

Security

Security IT Authentication Access

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Proactive Security: What It Means for Enterprise Security Strategy

Dark Reading

SEPTEMBER 26, 2023

Proactive Security holds the elusive promise of helping enterprises finally get ahead of threats, but CISOs must come to grips with the technological and philosophical change that it brings.

Security

Security IT

Joe Sullivan: What's a Breach? 'It's a Complicated Question'

Data Breach Today

OCTOBER 5, 2023

The Question is Also One for the Legal Team to Own, Says Uber's Former CSO Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S.

IT

IT Data breaches Security

On Point: Offensive Security for Mobile Network Operators

Data Breach Today

JANUARY 22, 2024

Build Resiliency by Simulating Real-World Attacks and Gaining Insight Into Threats As cyberthreats evolve, mobile network operators need offensive security to maintain resilience. Traditional security, such as firewalls and encryption, is not sufficient on its own.

Security

Security Encryption IT

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Data Breach Today

MARCH 14, 2024

Zscaler Purchase Aims to Revolutionize Zero Trust Cybersecurity With Advanced AI Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models.

Security

Security Cybersecurity IT

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

CISA Launches New Efforts to Secure Open-Source Ecosystem

Data Breach Today

MARCH 7, 2024

Cybersecurity and Infrastructure Security Agency hopes to expand voluntary information sharing between the federal government and open-source software operators with a series of actions the agency announced following a two-day open-source security summit held at its Virginia headquarters.

Security

Security Cybersecurity Government IT

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

FEBRUARY 29, 2024

Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand.

Security

Security Ransomware IT Access

Ivanti Patches Critical Endpoint Security Vulnerability

Data Breach Today

JANUARY 7, 2024

SQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint Manager Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers.

Security

Security IT

IT-OT Convergence: Taking the Right Security Measures

Data Breach Today

SEPTEMBER 13, 2021

Meralco's Mel Migriño on How to Ensure OT Security In addition to doing asset inventory, it is important to profile the risks of each asset to ensure OT security, says Mel Migriño, vice president and group CISO at Meralco, the largest power distribution unit in the Philippines.

IT

IT Security Risk

Shift Left Security? Development Does Not Want to Own It.

Speaker: Shlomo Bielak, CTO, Benchmark Corp

Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter.

Security

Understanding Security Frameworks: Guide for IT Security Professionals

Jamf

AUGUST 9, 2023

In this webinar series, Aaron Webb explains what security frameworks are, their importance and explains the critical role they play when securing your organization’s environment.

Security

Security IT Compliance Risk

Top security priorities: upgrading IT and data security

Jamf

JANUARY 12, 2023

IT and security teams are tasked with the hefty responsibilty of securing their organization's data. Without the miracle of an infinite budget, teams have to select tools that give the most security for their buck.

Security

Security IT

Medibank Defends its Security Practices as its Ransomware Woes Worsen

IT Governance

NOVEMBER 17, 2022

The organisation’s share price plummeted by almost 19% following the data breach, and despite its claims that it has done the right thing, new details continue to emerge that cast doubt on Medibank’s cyber security practices. million current and former customers was compromised. The extent of the damage.

IT

IT Ransomware Security Data breaches

The Quantum Computing Cryptopocalypse – I’ll Know It When I See It

Security Affairs

JANUARY 19, 2024

So, it might not be time to panic, but it certainly is time to recognize that the threats and the benefits of quantum computing are here now, and security professionals need to ensure that they and the organization they work for are fully prepared. Can quantum computing break cryptography? Can it do it within a person’s lifetime?

IT

IT Encryption Cybersecurity Security

Your Team's Pragmatic Guide to Security

Speaker: Naresh Soni, CTO, Tsunami XR

The pandemic has led to new data vulnerabilities, and therefore new cyber security threats. As technology leaders, it's time to rethink some of your product security strategy. Whether you need to rework your security architecture, improve performance, and/or deal with new threats, this webinar has you covered.

Security

Why Your VPN May Not Be As Secure As It Claims

RSAC Fireside Chat: Flexxon advances hardware-level security with its ‘Server Defender’ module

Webinars

Trending Sources

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Webinars

New Rules for Shipbuilding Focus on IT/OT Cybersecurity

7 Pitfalls for Apache Cassandra in Production

Choosing the right IT security partner: How Jamf fulfills your IT security need

Microsoft Overhauls Security Practices After Major Breaches

CIA Finds It Failed to Secure Its Own Systems

Why Cybereason Is Making Its 3rd Round of Layoffs Since 2022

The Essential Guide to Analytic Applications

Is Microsegmentation for Zero Trust Defenses Worth It?

French Security Firm Says Hackers Accessed Its Source Code

Feds Tackling Information Security in Government Procurement

Boosting Security Resilience and Defending the IT Ecosystem

7 Questions Every App Team Should Ask

Good Governance: 'It's All Hygiene'

Florida City's Water Hack: Poor IT Security Laid Bare

Florida's Water Hack: Poor IT Security Laid Bare

Google Cloud NGFW Enterprise - Simplicity, Scale, Security

Embedded Analytics Insights for 2024

Cisco addressed severe flaws in its Secure Client

Assessing the Privacy, Security Risks of Digital Health IT

Okta to Acquire Spera Security

Honeywell's James DeLuccia on Product Security vs IT Defense

5 Early Indicators Your Embedded Analytics Will Fail

Navigating the complex world of IT security: how unified security simplifies protection

Iranian Hackers Target Israeli Logistics and IT Companies

Best Practices to Pass an IT Security Audit

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

How to Package and Price Embedded Analytics

Proactive Security: What It Means for Enterprise Security Strategy

Joe Sullivan: What's a Breach? 'It's a Complicated Question'

On Point: Offensive Security for Mobile Network Operators

Zscaler Expands AI Security Capabilities by Acquiring Avalor

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

CISA Launches New Efforts to Secure Open-Source Ecosystem

Fulton County, Security Experts Call LockBit’s Bluff

Ivanti Patches Critical Endpoint Security Vulnerability

IT-OT Convergence: Taking the Right Security Measures

Shift Left Security? Development Does Not Want to Own It.

Understanding Security Frameworks: Guide for IT Security Professionals

Top security priorities: upgrading IT and data security

Medibank Defends its Security Practices as its Ransomware Woes Worsen

The Quantum Computing Cryptopocalypse – I’ll Know It When I See It

Your Team's Pragmatic Guide to Security

Stay Connected