Advertisement

p1240491 19

Microsoft security vulnerabilities drop after five-year rise

While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.


abstract programming code

Chris Wysopal: Open source is becoming a national security risk

The Veracode CTO explains what set the Log4j vulnerabilities apart, how it raised awareness of issues around open source security, and where he sees progress.


SMS phishing / smishing  >  Mobile phone displays text bubble with skull + crossbones

PIXM releases new computer vision solution for mobile phishing

PIXM Mobile uses computer vision tech to identify and stop phishing attacks on mobile devices in real time, as a user clicks on a malicious link.


Advertisement

Ransomware

Chaos ransomware explained: A rapidly evolving threat

The Chaos ransomware builder, now rebranded as Yashma, is quickly improving and being adopted by cybercriminal groups.


female developer programmer devops next generation it staff

New Mend service auto-detects and fixes code, app security issues

Mend, formerly WhiteSource, announces new service designed to detect and fix code security issues, reduce the software attack surface and application security burden.


Patch + update options  >  Pixelized tools + refresh symbol with branching paths

Patching the latest Active Directory vulnerabilities is not enough

Follow these steps after running the November and May Microsoft updates to fully address Active Directory vulnerabilities.


A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.


modern server room with server racks in data center picture id1186291565

HYAS brings security threat detection, response to production networks

HYAS Confront uses domain expertise and proprietary machine learning to monitor and detect anomalies in production network environments and improve visibility as applications move to the cloud.


it leader it professional engineer technician in network server room data center by antonio diaz sh

Exium expands SASE, 5G-based security for midsize enterprise networks

The on-premises module offers new capabilities, based on 5G standards, for midsize businesses.


Automation/machine learning/artificial intelligence >  mind-gears within circuit-board silhouette

7 machine identity management best practices

Managing machine identities can be just as important as managing human identities, especially in a zero-trust environment.


Advertisement

CSO: Have you met these hackers? [slide 11]

DOJ: Good faith security research won’t be charged under Computer Fraud and Abuse Act

The U.S. Department of Justice revises its policy regarding charging violations of the CFAA. Good faith security research will no longer be charged.


big brother privacy eye data breach security binary valerybrozhinsky getty

Data protection concerns spike as states get ready to outlaw abortion

The use of personal data from brokers, apps, smartphones, and browsers to identify those seeking an abortion raises new data protection and privacy risks.


A vast network of identity avatars. [identity management]

IDaaS explained: How it compares to IAM

IDaaS is a cloud-based consumption model for IAM. It offers cost, scalability, and other advantages, but it also comes with its own risks.


5 cryptography and data protection

What is cryptography? How algorithms keep information secret and safe

Cryptography is the art of keeping information secret and safe by transforming it into form that unintended recipients cannot understand. It makes secure data transmission over the internet possible.


CSO slideshow - Insider Security Breaches - Flag of China, binary code

Canada bans Huawei, ZTE in 5G networks

Ottawa government’s move follows similar bans in other English-speaking countries, citing potential security risks to 5G communications networks.