Security

Security | News, how-tos, features, reviews, and videos

Multifactor authentication  >  A mobile phone displays a digital key to a lock on a user's laptop.

Multi-factor authentication fatigue attacks are on the rise: How to defend against them

LAPSUS$ is just one cybercriminal group that has breached networks of large companies such as Uber and Microsoft by spamming employees with MFA authentication requests.

cso security access granted breach hack identity theft gettyimages 1191670668 by reklamlar 2400x160

Report: The state of secure identity 2022

New research from Okta’s Auth0 access management platform found that credential stuffing and fraudulent registration attacks are on the rise.

A multitude of arrows pierce a target. [numerous attacks / quantity / severity]

Top 5 attack surface challenges related to security operations

The growing attack surface is extending the security/software developer gap, increasing vulnerabilities, and slowing security investigations.

ransomware attack

Ransomware is (slightly) on the decline, cyberinsurance company says

While ransomware attacks remain highly dangerous, data from a prominent insurer suggests that their frequency and severity is beginning to decline.

shutterstock 1459422656 padlock with keyhole icon in personal data security illustrates cyber data

CrowdStrike adds XDR, other capabilites across 4 key security products

CrowdStrike is adding XDR (extended detection and response) features to Falcon Insight, and a raft of enhancement to CrowdStrike Cloud Security, Humio and Falcon Discover.

Profile photo of a developer / programmer reviewing code on monitors in his workspace.

Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security

Palo Alto Networks has added a new SCA solution to Prisma Cloud to help developers safely use open-source software components. The vendor has also introduced a software bill of materials.

A conceptual representation of accessing username and password credentials.

Uber links cyberattack to LAPSUS$, says sensitive user data remains protected

Attacker likely bought employee account credentials on the dark web and then escalated privileges to access internal tools.

SAP sign

Most common SAP vulnerabilities attackers try to exploit

Unpatched systems, misconfigurations and vulnerable custom code are making SAP environments a top target for cyberattacks.

Woman executive with security lock

A third of enterprises globally don’t prioritize digital trust: ISACA

There are significant gaps between what enterprises are doing and what they should do to earn customer trust in their digital ecosystems, according to information systems security group ISACA.

team trust risk gap help assistance challenge

5 ways to grow the cybersecurity workforce

The cybersecurity workforce shortage and related skills gap stubbornly persists. Here are five ways to attract talent now.

A group discussion takes place around a table in an office workspace.

Collaboration is key to balance customer experience with security, privacy

Security and privacy teams working with sales, marketing and design ensures a good user experience while protecting data and maintaining regulatory compliance.

global meeting conference international business

International cooperation is key to fighting threat actors and cybercrime

Western intelligence and national security leaders emphasize the importance of collaborating to better prepare and respond to cybersecurity threats.

The trouble with 2fa

With a large percentage of your workforce now working remotely, two-factor authentication (2fa) can make them (or your company data) safer online. But how you're doing it now probably isn't helping much at all.

abstract internet network cyber security concept picture id1072278762

API security—and even visibility—isn’t getting handled by enterprises

A new survey highlights the widespread nature of API security incidents and the lack of full inventories of potentially dangerous APIs.

Uber headquarters

Uber responding to “cybersecurity incident” following reports of significant data breach

Uber says it is in contact with law enforcement following reports of a significant data beach of its network.

Application security  >  Software code + data protected with a lock

US OMB releases guidance on federal agency software security requirements

The guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance.

rocket launch startup cloud success growth badge

Security startups to watch for 2022

Security startups are often innovation leaders. These are some of the most interesting ones to watch as they tackle issues around cloud security, asset management and more.

CIO | Middle East  >  Iran  >  Flag

US government indicts Iranian nationals for ransomware and other cybercrimes

The Department of Justice and FBI claim three Iranian citizens conducted a global cybercrime operation while separately the US Treasury sanctions Iran.

software development / application testing / planning / flow chart / diagram

U.S. government issues guidance for developers to secure the software supply chain: Key takeaways

The U.S. NSA, CISA and ODNI created the Securing the Software Supply Chain guide to focus on the software development lifecycle.

Cyber warfare  >  Russian missile launcher / Russian flag / binary code

Russia’s cyber future connected at the waist to Soviet military industrial complex

New research raises questions about whether Russia's cyber warefare operations are up to modern day challenges.

Load More