11 matches found
Fake Clickjacking Bug Bounty Reports: The Key Facts
Are you aware of fake clickjacking bug bounty reports? If not, you should be. This article will get you up to speed and help you to stay alert. What are clickjacking bug bounty reports? If we start by breaking up the term into its component parts, a bug bounty is a program offered by an...
Firing of CISA Chief Christopher Krebs Widely Condemned
Government officials and cybersecurity experts alike condemned President Trump’s firing of Christopher Krebs by tweet Tuesday, as the director of the Cybersecurity and Infrastructure Security Agency CISA became the latest victim of the president’s housecleaning efforts after his failed bid at a...
The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware
The linchpin of successful cyberattacks, exemplified by nation state-level attacks and human-operated ransomware, is their ability to find the path of least resistance and progressively move across a compromised network. Determining the full scope and impact of these attacks is one the most...
The best test for an EDR solution is one that works for you
Since its inception, the endpoint detection and response EDR market has evolved rapidly with new innovations to better address the cyber landscape and meet customers’ needs for an effective and simple solution that just works. But finding something that just works means something quite different...
MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer
A hacking forum this week published details of more than 10.6 million guests who stayed at MGM Resorts, the result of a breach due to unauthorized access to a cloud server that occurred at the famous Las Vegas hotel and casino last summer. The incident—revealed in a published report on ZDNet...
Defeating the iPhone Restricted Mode
Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson...
How To Leverage Data Access Analytics for Effective Breach Detection
Detecting and preventing data breaches is a challenge for most, if not all, enterprises. In fact, according to a study released in 2017, 78% of all CISOs are concerned that data breaches go undetected, while only 19% admit they are effective at breach prevention. Simply put, breaches happen almos...
Veterans Are a Valuable Cybersecurity Workforce
Editor's Note: This article originally appeared on ITSPmagazine. As a former United States Marine I believe veterans can be instrumental in helping to close the growing cybersecurity skills and people gap. My own story reveals how a military background can provide the perfect foundation for a...
Lack of Internal IT Security Expertise Requires Connected Threat Defense
There are many different factors that can impact a company's overall security posture. Increasing sophistication on the part of cyber criminals, combined with more frequent attacks launched using advanced malware, represent some of the most pervasive drivers of IT security. However, one issue...
New Certifications Will Set High Bar for IT Security Pros
A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation. The National Board of Information Security Examiners NBISE i...
Private sector relations should be job one for cyber security czar
Whoever is brave enough to fill the soon-to-be-created cybersecurity czar position will find a rather large pile of challenges waiting. Among them will be dealing with a confused and argumentative Congress, doing a full-scale assessment of the country’s critical infrastructure and reaching out to...