Advertisement

iCloud key

Apple finally adds encryption to iCloud backups

Apple has rolled out a number of security features that will now offer end-to-end encryption to protect data, including backups, contacts, notes, photos, and wallet passes. The company also announced hardware Security Keys for Apple...


United States Capitol Building / Congress / legislation in a digital landscape

US Congress rolls back proposal to restrict use of Chinese chips

After business groups argued that proposed legislation to curb use of Chinese-made semiconductors would hurt national security, lawmakers amended it—but a final vote and the president's approval of the proposed National Defense...


Conceptual image of a network labeled 'Zero Trust.'

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.


Advertisement

Data center / enterprise networking

Ransomware attack knocks Rackspace’s Exchange servers offline

Rackspace’s hosting for Exchange servers remained offline Tuesday after an outage Friday that the company now ascribes to a ransomware attack.


skull and crossbones in binary code

Flaws in MegaRAC baseband management firmware impact many server brands

The newly discovered vulnerabilities could allow attackers to gain control of servers that use AMI's MegaRAC BMC firmware.


security threat / hacker / attack

Action1 launches threat actor filtering to block remote management platform abuse

Action1 says remote management platform can now identify and terminate any attempt at misuse by attackers.


digital twins woman in profile ai mirror duplicate duo pair

The cybersecurity challenges and opportunities of digital twins

The virtual representation of objects or systems through digital twins provide organizations greater insight into their assets but it can also invite malicious actors.


lorimerlite framework structure build construction

The changing role of the MITRE ATT@CK framework

Organizations are using the MITRE ATT@CK framework as more than a security operations reference architecture, adding new use cases and making it part of strategic future plans.


Cyber insurance  >  Umbrella hub protecting connected devices + online activities in binary world.

What you should know when considering cyber insurance in 2023

When even the best-laid cybersecurity plans fail, cyber insurance can help mitigate an organization’s exposure to financial and operational risk—but the insurance landscape is shifting with the times.


healthcare technology / medical data

Palo Alto Networks looks to shore up healthcare IoT security

Machine-learning based visibility and monitoring are at the heart of the cybersecurity company’s new healthcare-focused, add-on application to its core firewall products.


Advertisement

blame 174280704

When blaming the user for a security breach is unfair – or just wrong

Training non-tech savvy users to recognize phishing and other credential-based attacks is essential but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...


conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


post 12 image three ways that security in the azure cloud just got simpler

Researchers found security pitfalls in IBM’s cloud infrastructure

A demonstrated attack by cybersecurity researchers in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.


Binary chain links of data  >  Blockchain / blockchain security / linked elements

Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions

Cybersecurity researchers found risks in the GitHub Actions platform that could enable attackers to inject malicious code into software projects and initiate a supply chain attack.


manager scanning workforce data via antimalware picture id1022805724

8 things to consider amid cybersecurity vendor layoffs

Cybersecurity vendor layoffs raise several issues for CISOs and customers, not the least of which are security and risk-related factors. Here are 8 things to consider if your security vendor has announced significant staff cuts.