Magic Security Dust

Adam Shostack is selling magic security dust. Its about time someone is commercializing this essential technology...

Upcoming webinar: Is EDR or MDR better for your business?

Don't miss our upcoming webinar on EDR vs. MDR! In the webinar, Marcin Kleczynski, CEO and co-founder of Malwarebytes, and guest speaker Joseph Blankenship, Vice President and research director at Forrester, discuss topic such as: The difference between EDR and MDR, how EDR solutions can be...

Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

A duo of researchers has released a proof-of-concept PoC demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what's called a replay attack. The attack is made possible, thanks to a vulnerability in its remote keyless system...

Build Your 2022 Cybersecurity Plan With This Free PPT Template

The end of the year is coming, and it's time for security decision-makers to make plans for 2022 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2022...

BlueVoyant optimizes customer security with Microsoft security services

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. What a year it has been. The rapid and unexpected transition to work from home is one of the biggest issues affecting companies of all sizes and industries in 2020. As companies...

A New Paradigm in Data Security: Insider Risk Management

The pandemic was a force accelerator for digital transformation in the enterprise. It’s not just the dramatic remote work shift — it’s a profound shift toward prioritizing speed and flexibility as the drivers of a company’s competitive advantage. But as faster, more agile ways of working...

XDR: The Next Level of Prevention, Detection and Response [New Guide]

One new security technology we keep hearing about is Extended Detection and Response XDR. This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control an...

Control Flow Guard for Clang/LLVM and Rust

As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...

Secure Remote Working During COVID-19 — Checklist for CISOs

Coronavirus crisis introduces a heavy burden on the CISOs with the collective impact of a mass transition to working remotely coupled with a surge of cyberattacks that strive to monetize the general chaos. Security vendors, unintendedly, contribute to this burden by a relentless generation of noi...

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center SOC operations. We share strategies and learnings from our SOC, which protects Microsoft, and our Detection and Response Team DART, who helps our customers addre...

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center SOC operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several specialized teams in the Microso...

Building a VPN for Mobile Devices at the Network Level

By David Balaban In 2019, there is still surprisingly little information about such an old, simple, convenient, and secure technology, as mobile VPN - Virtual Private Network. In this article, I will describe how you can provide access to your virtual private network to any device with a SIM card...

Terahertz Millimeter-Wave Scanners

Interesting article on terahertz millimeter-wave scanners and their uses to detect terrorist bombers. The heart of the device is a block of electronics about the size of a 1990s tower personal computer. It comes housed in a musician's black case, akin to the one Spinal Tap might use on tour. At t...

Introducing Windows Defender System Guard runtime attestation

At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows platform security technology, fills this need...

If You Think File Integrity Monitoring is Boring, Think Again

You’ll be hard pressed to find file integrity monitoring on any list of cool, emerging, cutting-edge cybersecurity technologies. But if you choose to ignore this mature, foundational technology, it’ll be at great risk. File integrity monitoring, or FIM, plays a key role in critical security and...

Apple iPhone X Face ID Fooled by a Mask

Apple’s Face ID technology, the centerpiece biometric authentication mechanism for the iPhone X, has been cracked a little more than a week after it was introduced to the public. Researchers from Vietnamese security company Bkav demonstrated that they could fool the technology to unlock the phone...

Five Reasons Why I Joined Wallarm

By Johan Nordstrom The question of “what made you change jobs?” may be old, but the answer with my move to Wallarm is new and clear. I have a vision how to address the dynamic threat landscape of today and Wallarm’s innovative approach to security is in line with these ideas. In my 30 years caree...

No payment necessary: Fighting back against ransomware

Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene. Any IT professional who’s ever had an experience with malware knows how fast an intrusive attack can happen, and how difficult it can be to educate...

Apple Launches Bug Bounty with Maximum $200,000 Reward

LAS VEGAS—Apple closed out Black Hat today with a long-awaited announcement that next month it will launch a bug bounty. The Apple Security Bounty will be an invitation-only program, open to two dozen researchers at the outset, said Ivan Krstic, head of security engineering and architecture. The...

WhatsApp Encryption: A Good Start, but Far from a Security Panacea

WhatsApp’s addition of end-to-end encryption is a good start, but does not present users with a complete solution that protects against the prying eyes of intrusive governments and nosey third-parties. That’s the consensus among privacy and security experts that commend Facebook-owned WhatsApp fo...