Search results for: open sources

danger

How the rise in identity crimes and cyberattacks impacts small businesses

The Identity Theft Resource Center (ITRC) has published a report on the impacts of identity crimes and cyberattacks on small businesses. There are 42 million solopreneurs, according to a 2019 report from Spencer Brenneman. Yet, there is little information about how small businesses are impacted by the rise in identity crimes and cyberattacks. The ITRC solicited impact information directly from the small business owners and leaders affected by security and data breaches. For the report, 417 small business leaders and … More

Acquisitions

IBM to acquire ReaQta to expand its cybersecurity threat detection and response offerings

IBM Security announced an expansion of its cybersecurity threat detection and response capabilities with its plans to acquire ReaQta. ReaQta’s endpoint security solutions are designed to leverage AI to automatically identify and manage threats, while remaining undetectable to adversaries. This move will expand IBM’s capabilities in the extended detection and response (XDR) market, aligning with IBM’s strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments. As … More

Advice from a young, female CISO: Key lessons learned

Ellen Benaim, the newest CISO at Copenhagen-based SaaS provider Templafy, started her career at the company in June 2018 as technical support, but from the moment she sat down in an interview with Henrik Printzlau, the company’s co-founder and former CISO, she knew that she wanted to become CISO at Templafy one day. That day came in March 2020. In this interview with Help Net Security, she talks about her take on the CISO role … More

cube

Regulation fatigue: A challenge to shift processes left

Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s recent executive order asks government vendors to attest “to the extent practicable, to the integrity and provenance of open source software used within any portion of a product.” The president’s recent order, and the potential actions of legislators to follow, could lead to burdensome regulations that interfere with shift left practices, and … More

Handshake

AirHop partners with Juniper Networks to accelerate 4G and 5G network deployments

AirHop Communications announced they are joining the Juniper Networks Technology Alliance Partner ecosystem. The partnership will enable the integration of AirHop’s field-hardened Radio Access Network (RAN) automation and optimization applications as O-RAN Alliance compatible eSON xApps and eSON360 rApps on Juniper’s RAN Intelligent Controller (RIC). The integrated automation and optimization Apps will accelerate and simplify 4G and 5G network deployments and operations, resulting in increased spectral efficiency by up to 30%, contributing to lower OpEx … More

MITRE ATT&CK

Released: MITRE ATT&CK v10

MITRE Corporation has released the tenth version of ATT&CK, its globally accessible (and free!) knowledge base of cyber adversary tactics and techniques based on real-world observations. Version ten comes with new Data Source objects, new and changed techniques in its various matrices, key changes to facilitate hunting in ICS environments, and more. Source: MITRE MITRE ATT&CK v10 The most prominent change in this newest version of the framework is new objects with aggregated information about … More

encryption

Many organizations lack basic cyber hygiene despite high confidence in their cyber defenses

SpyCloud released an analysis of IT security leaders’ perceived threat of ransomware attacks and the maturity of their cybersecurity defenses. The report found that while 81% of those surveyed consider their security to be above average or exceptional, many lack basic cyber hygiene – 41% lack a password complexity requirement, one of the cheapest, easiest forms of protection, and only 55.6% have implemented multi-factor authentication (MFA). “The loss of data and resources due to ransomware … More

security platform

Splunk enhances security solutions to help organizations embrace digital transformation

Splunk announced a series of new product innovations designed to help organizations securely embrace digital transformation by providing the security visibility needed to accelerate time to detection, investigation and response. Led by new enhancements to Splunk Security Cloud and Splunk SOAR, Splunk provides organizations a comprehensive Security Operations Center (SOC) platform with intelligence, analytics and automation. Enterprise security leaders are in the midst of massive digital transformation, which was further accelerated over the last year … More

stop

Secure your databases against opportunistic attackers

If you connect databases / servers to the internet and secure them poorly, you can count on them getting compromised quickly. According to findings by Radoslaw Zdonczyk, Security Researcher at Trustwave SpiderLabs, there will be login attempts even before the systems’ IP addresses get listed by internet scanners like Shodan and BinaryEdge, and once that happens, their number will grow. Hackers are ready to pounce For his experiment, Zdonczyk deployed two MySQL and MariaDB servers … More

biometrics

Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers

Enterprises are taking steps to move away from passwords and adopting low-friction authentication methods to protect the hybrid workforce, a Cisco’s Duo Security report reveals. Multi-factor authentications increased significantly While the total number of multi-factor authentications increased 39% in the past year, biometric authentications grew even faster at 48%. The report analyzed data from more than 36 million devices, over 400 thousand unique applications and roughly 800 million monthly authentications. It revealed how organizations across … More

AI

Policy automation to eliminate configuration errors

Far too often, major security breaches can be traced back to a configuration error. Changes and adjustments to network and security configurations are unavoidable; they are a necessary part of managing a company’s technology environment. But it’s important to recognize that they are also risky and can have unexpected consequences – from service interruptions, performance degradation and unintended downtime to security breaches and violations of compliance requirements. A complex environment On the surface, it might … More

endpoint protection

70% of businesses can’t ensure the same level of protection for every endpoint

A Deep Instinct research, which seeks to discover the cybersecurity concerns keeping CISO’s and SecOps professional up at night, found that 86% of UK respondents believe it is not possible to fully prevent ransomware and malware attacks from compromising their organizations defenses. It also found that the rise in the number of endpoints that businesses need to protect continues to be a key source of risk exposure. The research, which surveyed 1,500 cybersecurity professionals globally … More