Category Archives: Network Security

Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs

Despite increased perceptions about the value of cyber threat intelligence, many businesses and industries still struggle to define what it actually means to them: which capabilities to incorporate, and how to do the ground level planning necessary to support the telemetry and technological tools they put in place.

The post Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs appeared first on SC Media.

Continue reading

Posted in Network Security, Security News, Security strategy, Threat intelligence | Comments Off on Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs

Firms with exposed IoT have a higher concentration of other security problems

Exposed enterprise IoT devices can be an indicator of security issues to come, with firms sporting exposed devices having a 62% higher density of other security problems, new research shows. For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post…

The post Firms with exposed IoT have a higher concentration of other security problems appeared first on SC Media.

Continue reading

Posted in IoT, Mobile Security, Network Security, Security News | Comments Off on Firms with exposed IoT have a higher concentration of other security problems

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

If more attacks are uncovered, end-user organizations must apply lessons learned from SolarWinds and take decisive action.

The post As SolarWinds spooks tech firms into rechecking code, some won’t like what they find appeared first on SC Media.

Continue reading

Posted in Application Security, Featured, Network Security, Security News, Security strategy | Comments Off on As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions

The analyst from FireEye that discovered the SolarWinds attack and the co-founder of Tenable will join the advisory board of Trinity Cyber – contributing expertise to the company that counts former homeland security adviser Tom Bossert among its top executives.

The post ‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions appeared first on SC Media.

Continue reading

Posted in Corporate News, Featured, Network Security, Security News, Software and solutions | Comments Off on ‘Don’t take Tom Bossert’s word on Trinity Cyber’: startup snags big-name board additions

Even dead employees pose a security risk when their accounts are still active

Ransomware attackers compromised deceased employee’s account to access a domain admin account. The incident is a sad reminder of some cyber hygiene standards too often overlooked.

The post Even dead employees pose a security risk when their accounts are still active appeared first on SC Media.

Continue reading

Posted in Cybercrime, Featured, Network Security, Ransomware, Security News | Comments Off on Even dead employees pose a security risk when their accounts are still active

‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access

Cybersecurity researchers and the U.S. Cyber Command are warning users about a decade-old buffer overflow bug in sudo that can grant root access to malicious users with low level access to systems. The vulnerability, discovered by Qualys and nicknamed “Baron Samedit,” affects all versions of Linux Qualys has tested against. The glitch allows users, even…

The post ‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access appeared first on SC Media.

Continue reading

Posted in Network Security, Security News | Comments Off on ‘One of the most beautiful bugs I’ve seen’: Decade-old sudo bug grants Linux root access

The cyber ‘journeymen’: Apprentices may be the solution to the skills gap

Aspiring infosec professionals have the opportunity to hone their craft as companies develop talent from within, potentially with government funding, and chip away at the diversity problem.

The post The cyber ‘journeymen’: Apprentices may be the solution to the skills gap appeared first on SC Media.

Continue reading

Posted in Careers, Featured, Network Security, Security News, Training | Comments Off on The cyber ‘journeymen’: Apprentices may be the solution to the skills gap

Google to offer suite of new zero trust capabilities through Chrome browser

With backing from Google infrastructure and support from a host of industry partners, the features have the potential to significantly expand the footprint of zero trust solutions within industry and government.

The post Google to offer suite of new zero trust capabilities through Chrome browser appeared first on SC Media.

Continue reading

Posted in Cloud, Cloud Security, Network Security, Security News, Software and solutions, Zero Trust | Comments Off on Google to offer suite of new zero trust capabilities through Chrome browser

Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs

Joe Slowik, senior security researcher at DomainTools, spoke to SC Media about how the SolarWind attackers remained undetected for so long, and how domain data could be used to weaponize network observables against sophisticated attackers.

The post Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs appeared first on SC Media.

Continue reading

Posted in APT, APTs/cyberespionage, Featured, Network Security, Security News, SolarWinds hack, Threat intelligence | Comments Off on Sunbust avoided indicators of compromise with SolarWinds hack, but left breadcrumbs