News

access control / authentication / privileges / security / key

Cloud-native TACACS+ access solution launched by Portnox

New product aims to make network authentication, authorization, and accounting technology more attractive to mid-sized companies.

stress test2 linux penguin stress ball hand squeezing by digitalsoul getty images 1136841639

Nebulon bakes bare-metal Linux ransomware protection into the bootloader

The newest releases of Nebulon’s ImmutableBoot and TimeJump backup systems boast 'reboot-to-recover' functionality for Linux systems.

CSO  >  Botnet  >  Robots amid a blue binary matrix

New peer-to-peer botnet Panchan hijacks Linux servers

The botnet built by the platform-independent worm malware currently enables cryptomining.

CSO  >  ransomware / security threat

Ransomware attacks are increasing with more dangerous hybrids ahead

The re-emergence of REvil and anticipated convergence with business email compromise actors are among reasons why ransomware gangs are still dangerous.

A hand controls a small marionette. [control / manipulation / social engineering]

Threat actors becoming more creative exploiting the human factor

Remote work, supply chains, commercial clouds offer threat actors opportunities to trick people into doing their bidding.

hello my name is open source nametag

GitHub open sources Entitlements IAM sytem, built as a Git repository

The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week.

Handshake, mergers and acquisitions, M &A

Leading cybersecurity vendors join Mandiant's new Cyber Alliance Program

The alliance aims to develop integrated security systems and share threat intelligence, and lists partners including Google, Cloudflare, CrowdStrike, SentinelOne and Microsoft as founding members.

Blue holiday snowflake background

Snowflake offers cybersecurity data platform with security app integrations

Snowflake's cybersecurity workload integrates the company's data cloud, storage and query features with tools from cybersecurity vendors, for enhanced threat detection, investigation and alerts.

2 linux malware scarier

Hackers using stealthy Linux backdoor Symbiote to steal credentials

Symbiote is deployed as a shared object that can inject itself into existing processes, making it difficult to detect.

programmer certification skills code devops glasses student by kevin unsplash

Software supply chain security fixes gain prominence at RSA

Attendees are urged to improve asset management, use SBOMs, and collaborate with government cybersecurity agencies to better ensure software integrity.

Browsers version 100 bug

ConcealBrowse isolates malicious software before it can work its mischief

Agent-based solution screens code to prevent browser-borne attacks on the enterprise.

Cybersecurity

RSA: Intel reference design to accelerate SASE, other security tasks

Intel says its reference design will enable accelerator cards to offload security processing from server CPUs without requiring more rack space.

Mobile phone data privacy.

Virtru launches open-source project OpenTDF

The company hopes OpenTDF will establish a standard for safe, private data sharing.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero-day flaw in Atlassian Confluence exploited in the wild since May

Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.

security protection / defenses / protocols

Qualys upgrades vulnerability management solution

VMDR 2.0 offers better insight into risk posture, faster fix times for critical vulnerabilities.

hacking critical infrastructure security

Dragos launches info portal to fill security gaps in critical infrastructure

OT-CERT provides free resources to under-served ICS/OT community members and beefs up threat and vulnerability coordination.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

RSA: Cisco launches SASE, offers roadmap for other cloud-based services

New Cisco services aim to simplify security operations with new as-a-service offerings.

User ID + password / credentials / authentication

SSO explained: Single sign-on definition, examples, and terminology

Single sign-on (SSO) is a user authentication service that allows a user to access multiple applications with one set of login credentials. Password fatigue, cloud sprawl and developer simplicity are pushing the rise of SSO.

A firmware message appears on a circuit board.

Cybercriminals look to exploit Intel ME vulnerabilities for highly persistent implants

Leaked Conti information show the ransomware gang likely completed a proof of concept to exploit Intel ME and rewrite its firmware.

access control / authentication / privileges / security / key

SecureAuth unveils new end-to-end access and authentication solution

Orchestration, passwordless tech, continuous authentication combined in next-generation Arculix platform

Load More