Latest Cybersecurity Articles

6 signs your IAM strategy is failing, and how to fix it

6 signs your IAM strategy is failing, and how to fix it

Jul 5, 2022

Companies have been developing and executing identity and access management (IAM) strategies for decades. “It started with mainframe time sharing, so nothing is new,” says Jay Bretzmann,…

Adversarial machine learning explained: How attackers disrupt AI and ML systems

Adversarial machine learning explained: How attackers disrupt AI and ML systems

Jun 28, 2022

As more companies roll out artificial intelligence (AI) and machine learning (ML) projects, securing them becomes more important. A report released by IBM and Morning Consult in…

9 ways hackers will use machine learning to launch attacks

9 ways hackers will use machine learning to launch attacks

Jun 13, 2022

Machine learning and artificial intelligence (AI) are becoming a core technology for some threat detection and response tools. The ability to learn on the fly…

Bugs in the data center: How social engineering impacts physical security

Bugs in the data center: How social engineering impacts physical security

Jun 9, 2022

One data center management team learned the hard way that bugs can be a menace — or, to be more specific, the people who hunt…

7 machine identity management best practices

7 machine identity management best practices

May 24, 2022

Machine identities are a large, and fast-growing part of the enterprise attack surface. The number of machines—servers, devices, and services—is growing rapidly and efforts to…

Fantastic Open Source Cybersecurity Tools and Where to Find Them

Fantastic Open Source Cybersecurity Tools and Where to Find Them

May 19, 2022

Open source is a double-edged sword for information security. On the one hand, security professionals rely on countless open source security software tools, frameworks, and…

Microchip Adds Real-Time Security to Its Root of Trust Silicon Tech

Microchip Adds Real-Time Security to Its Root of Trust Silicon Tech

May 17, 2022

Security is a multi-step process. There’s a chain of trust, with each link verified and authenticated by the one that comes before. But eventually, the…

Machine Identity Management: A Fast-Growing Frontier of Security

Machine Identity Management: A Fast-Growing Frontier of Security

May 5, 2022

The number of machines enterprise security teams have to manage is exploding. When it comes to computing infrastructure, servers have been supplanted by virtual machines,…

Legitimate Security Tool Used Against Ukrainian Power Grid, Now Top Global Threat

Legitimate Security Tool Used Against Ukrainian Power Grid, Now Top Global Threat

Apr 26, 2022

Earlier this year, security researchers reported the use of legitimate security tools in multiple attacks against Ukrainian organizations, including government agencies, non-profits, and tech companies.…

What is the cyber kill chain? A model for tracing cyberattacks

What is the cyber kill chain? A model for tracing cyberattacks

Apr 14, 2022

As an infosec professional, you’ve likely heard about using a cyber kill chain to help identify and prevent intrusions. Attackers are evolving their methods, which…

6 Reasons Why More Automation Means More Secure Software

6 Reasons Why More Automation Means More Secure Software

Apr 11, 2022

In an age when applications are broken down into microservices, and networks are distributed across regions and clouds, software is being produced faster than ever, in…

Who’s selling SASE and what do you get?

Who’s selling SASE and what do you get?

Apr 7, 2022

Demand for secure access service edge (SASE) has grown tremendously during the pandemic. As adoption picks up, vendors are promising feature-rich and integrated SASE solutions. Customers have…

Physical Infrastructure Cybersecurity: A Growing Problem for Data Centers

Physical Infrastructure Cybersecurity: A Growing Problem for Data Centers

Apr 6, 2022

Modern data center infrastructure management (DCIM) platforms and other new tools put more power in the hands of facility managers. As a result, data centers…

Cloudflare Expands Email Security and WAF, Announces API Security Service

Cloudflare Expands Email Security and WAF, Announces API Security Service

Mar 16, 2022

Cloudflare is best known for its content delivery network and DDoS mitigation services, but it has been steadily expanding into other areas of web security…

AWS, Azure Vulnerabilities Would Have Allowed Access To Other Customers’ Accounts

AWS, Azure Vulnerabilities Would Have Allowed Access To Other Customers’ Accounts

Mar 11, 2022

Researchers from Orca Security have found two vulnerabilities in Amazon’s AWS and Microsoft’s Azure clouds that could have allowed users access to other customers’ infrastructure. Both Amazon…

Network Encryption: A Double-edged Sword for Cybersecurity

Network Encryption: A Double-edged Sword for Cybersecurity

Mar 8, 2022

In 2013, less than half of all web traffic was encrypted, according to Google. Today, the rate of network encryption stands at 95%. On the one hand, that’s…

How attackers sidestep the cyber kill chain

How attackers sidestep the cyber kill chain

Mar 7, 2022

The idea of the cyber kill chain was first developed by Lockheed Martin more than a decade ago. The basic idea is that attackers perform reconnaissance, find…

Gartner: SSE is SASE minus the SD-WAN

Gartner: SSE is SASE minus the SD-WAN

Mar 7, 2022

SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking…

Enterprises Need To Prepare for Broader Cyberwar

Enterprises Need To Prepare for Broader Cyberwar

Mar 1, 2022

As the fighting in Ukraine escalates and it looks like Russia won’t have the quick and easy victory it anticipated, the war is already having…

Nine Best Practices for Zero Trust

Nine Best Practices for Zero Trust

Feb 25, 2022

With the escalation of hostilities in Ukraine, increased activity by cybercriminal groups, and an ever-expanding attack surface caused by enterprises migrating to the cloud and…

Why DevOps pipelines are under attack and how to fight back

Why DevOps pipelines are under attack and how to fight back

Feb 22, 2022

In mid-2017, Russian state-sponsored attackers installed a malicious worm in a Ukrainian financial software package. When businesses updated their software, it became infected. The worm,…

As Concerns About Ukraine Mount, Gov’ts Issue Ransomware Alert

As Concerns About Ukraine Mount, Gov’ts Issue Ransomware Alert

Feb 16, 2022

The first international joint advisory about ransomware was issued last week as concerns mount about a potential Russian invasion of Ukraine. Tensions rose even higher on…

By Looking at the Past, New Cyber Board Can Prepare Us for the Future

By Looking at the Past, New Cyber Board Can Prepare Us for the Future

Feb 16, 2022

The Department of Homeland Security launched the country’s first Cyber Safety Review Board this month, a private-public initiative designed to improve cybersecurity. The CSRB will start…

Latest Cisco VPN Router Vulnerabilities Pose Risks To Small Businesses – And Their Partners

Latest Cisco VPN Router Vulnerabilities Pose Risks To Small Businesses – And Their Partners

Feb 9, 2022

Last week, Cisco disclosed 15 vulnerabilities in Cisco routers, including five with “critical” severity ratings. The vulnerabilities, which affect the Cisco Small Business RV160, RV260, RV340, and…

Denial of Service Attacks Expected To Get Bigger, Nastier

Denial of Service Attacks Expected To Get Bigger, Nastier

Feb 8, 2022

A distributed denial of service (DDoS) attack can take down a company’s infrastructure, communications, applications, or other services. It costs money to recover from such…

Top Three Use Cases for AI in Cybersecurity

Top Three Use Cases for AI in Cybersecurity

Feb 3, 2022

Cybersecurity professionals are facing an unprecedented threat environment, with record-high numbers of attacks, shortage of qualified staff, and increasing aggression and sophistication from nation-state actors.…

Cato adds fine-grained CASB controls to SASE platform

Cato adds fine-grained CASB controls to SASE platform

Feb 1, 2022

SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms. When employees working from home or branch locations log…

Top 10 outages of 2021

Top 10 outages of 2021

Jan 31, 2022

The biggest outages of 2021 had one thing in common: they affected major infrastructure or services providers and, as a result, affected large numbers of…

Data residency laws pushing companies toward residency as a service

Data residency laws pushing companies toward residency as a service

Jan 26, 2022

Data residency laws require that companies operating in a country keep data about its citizens on servers located in that country. For companies that have…

Log4Shell Vulnerability Highlights Software Supply Chain Issues

Log4Shell Vulnerability Highlights Software Supply Chain Issues

Jan 11, 2022

Open source software has eaten the world, but last month’s Log4Shell vulnerability chaos highlights the potential dangers when enterprises don’t treat it with the respect it deserves.…