Advertisement

A large 'X' marks a conceptual image of a password amid hexadecimal code.

How to review password quality in Active Directory

Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.


a hand holds an open book from which abstract letters emerge

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.


Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.


Advertisement

Conceptual image of a network labeled 'Zero Trust.'

7 tenets of zero trust explained

Cut through the hype. NIST's core zero trust elements provide a practical framework around which to build a zero trust architecture.


man in bed nightmare what keeps you up at night stress sleeping by gorodenkoff getty images

Why code reuse is still a security nightmare

Despite best efforts to track software dependencies, blind spots still exist leading to silent vulnerabilities in software.


cross country race 92125395

Australia is playing catchup on cybersecurity defences

As ransomware and other cyberattacks rise, both the government and organisations are taking steps to protect themselves, but more is needed.


Binary flag of the European Union viewed through a magnifying lens and showing a ripple effect.

EU takes aim at ransomware with plans to make Bitcoin traceable, prohibit anonymity

The European Commission has set out new legislative proposals to make crypto transfers more traceable. While the plans will close some existing loopholes, the impact on cybercrime is likely to be minimal, experts say.


CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.


A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.


security trust

Secure multiparty computation explained: Ensuring trust in untrustworthy environments

Secure multiparty computation is a collection of algorithms that allow people to work together over a network to find a consensus or compute a value and have faith that the answer is correct. Everyone contributed fairly and there was...


Advertisement

An unknown number calls a mobile phone amid pixelated data.

Scammers’ Australian windfall bodes poorly for cybersecurity’s human defences

Company culture is the soft underbelly that scammers can exploit, using the same techniques to access corporate data which fool employees in their personal lives.


A vault door security mechanism with abstract circuits. / increase security / harden against attacks

Best Mitre D3FEND advice to harden Windows networks

Mitre's recently released D3FEND matrix offers sound guidance for any security admin or CISO looking to harden a Windows network against attack.


A binary map of china.

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.


A lost businessman wanders amid conflicting directional signs through the fog.

8 biases that will kill your security program

CISOs and their security teams often hold cognitive biases that get in the way of making the right risk management and incident response decisions. Here are eight of the most common to avoid.


google cloud ciso phil venables on the future of cloud security

Google Cloud CISO Phil Venables on the future of cloud security

Can cloud providers help lift security's burden of endless compliance checklists and certifications?