Don’t Overlook the Business Risk in BRI

DDoS Threat Report
A business risk intelligence (BRI) program requires many components about which I’ve written previously: the right intelligence requirements , collection strategy , KPIs, vendors , collaboration , and stakeholder support...
Continue reading
0 Comments

Huawei Fires Sales Manager Who Poland Charged With Spying

The Chinese tech company Huawei on Saturday announced it has fired a sales director who was arrested in Poland and charged with spying for China, saying he has brought the...
Continue reading
0 Comments

Phishers Use Zero-Width Spaces to Bypass Office 365 Protections

A recently addressed vulnerability in Office 365 allowed attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes.  The issue, cloud security firm Avanan says, resided in...
Continue reading
0 Comments

UK Hacker Jailed for Attack on Liberian Telecoms Firm

A British computer hacker has been sentenced to 32 months in prison for a cyberattack that knocked out telecommunications services in Liberia. Daniel Kaye was paid by an employee of...
Continue reading
0 Comments

Most People Expect a Serious Cyberattack Against Their Country

Cyberattack on Nations
People across the world are expecting major cyber-attacks against their own country. A Pew Research survey of more than 27,000 respondents across 26 countries shows that the majority of people...
Continue reading
0 Comments

Rapid7 Releases Metasploit 5.0

Metasploit 5.0 released
Rapid7 on Friday announced the release of Metasploit 5.0. The latest major version of the popular penetration testing framework introduces several new important features, improved performance, and its developers say...
Continue reading
0 Comments

Was North Korea Wrongly Accused of Ransomware Attacks?

Ryuk Ransomware’s Attribution to North Korea Likely Incorrect, Multiple Security Firms Believe The Ryuk ransomware that emerged in summer of 2018 is likely not the work of state-sponsored North Korean...
Continue reading
0 Comments

Medical Device Security Firm Cynerio Raises $7 Million

Cynerio, a provider of medical device and Internet of Medical Things (IoMT) solutions, this week announced that it has raised $7 million in funding. The company's security platform provides visibility...
Continue reading
0 Comments

Juniper Networks Patches Over 60 Flaws in Junos, ATP Products

Juniper Networks this week released patches for more than 60 vulnerabilities in its Juniper Advanced Threat Prevention (ATP) appliance, Junos OS operating system, and Junos Space network management platform. Many...
Continue reading
0 Comments

Poland Charges Huawei Manager, Ex-spy With Spying for China

Poland has arrested a Chinese manager at tech giant Huawei in Poland and one of its own former counter-espionage officers and charged them with spying on Poland for China, state...
Continue reading
0 Comments

Hacktivist Gets 10-Year Prison Sentence for DDoS Attack on Hospitals

A 34-year-old man from Somerville, Massachusetts, has been sentenced to 10 years in prison for launching distributed denial-of-service (DDoS) attacks against two healthcare organizations in the United States. Martin Gottesfeld,...
Continue reading
0 Comments

Blacklisted Kaspersky Tipped NSA on Security Breach: Media

The computer security firm Kaspersky Lab helped the US NSA spy agency uncover one of its worst-ever security breaches -- one year before the US banned the company's products for...
Continue reading
0 Comments

EU Top Court Adviser: Google Can Limit Right to be Forgotten

An adviser to Europe's top court says Google doesn't have to extend "right to be forgotten" rules to its search engines globally. The European Court of Justice's advocate general released...
Continue reading
0 Comments

Security is a Top Concern for SD-WAN. Is Your Solution Ready?

The Necessity of Native Security Controls in an SD-WAN Environment Cannot be Overstated According to a recent report from Gartner, security is the top concern for organizations updating their wide-area...
Continue reading
0 Comments

TLS Certificates for Many .gov Domains Not Renewed Due to Government Shutdown

Certificate expired on Justice Department domain - via Netcraft
Many TLS certificates for .gov domains have not been renewed due to the ongoing shutdown of the United States government, making them insecure or inaccessible. A standoff between U.S. President...
Continue reading
0 Comments

5 Forecasts to Inform Digital Risk Protection in 2019

Last year was bookended by two major corporate data breaches – Under Armour in February and Marriott in December – with incidents too numerous to count in between. As cybersecurity...
Continue reading
0 Comments

Facebook and Google Launch Asia-Pacific Bug Hunting Conference

Facebook and Google have partnered to launch a new conference for the researchers interested on discovering and reporting vulnerabilities. Called BountyCon and mainly aimed at helping the two better identify...
Continue reading
0 Comments

Google Secures Public DNS Queries With DNS-over-TLS

Google this week announced that users can now secure queries between their devices and the Google Public DNS with DNS-over-TLS, which improves their privacy and integrity.  The largest public Domain...
Continue reading
0 Comments

Hyatt Hotels Launches Public Bug Bounty Program

Hyatt Hotels launches bug bounty program
Hyatt Hotels Corporation on Wednesday announced the launch of a public bug bounty program that covers its websites and mobile applications. Hyatt and its affiliates operate over 750 hotels in...
Continue reading
0 Comments

Cisco Patches Serious DoS Flaws in Email Security Appliance

Cisco this week patched two serious denial-of-service (DoS) vulnerabilities that can be exploited remotely without authentication in its Email Security Appliance (ESA) products. One of the flaws, tracked as CVE-2018-15453...
Continue reading
0 Comments