How to improve software vulnerability disclosure in Europe
As software gets embedded in more and more things we use every day, the problem of software vulnerability reporting and patching rises in importance. Unfortunately, only a few European countries have put vulnerability disclosure processes in place. CEPS, a think tank and forum for debate on EU affairs, has delved in the problematics, listened to…
The Cybercrime Landscape Is Evolving — Will Your Mobile Threat Defense Strategy Keep Up?
As the workforce becomes increasingly mobile, organizations must adapt their security strategies to account for the enlarged threat surface. While mobility undeniably helps organizations boost productivity, it also creates considerable weaknesses in the IT environment. How can companies strike a balance between giving employees the 24/7 access they need to perform their jobs and protecting…
Cybercriminals will gravitate to criminal activity that maximizes their profit
McAfee released its McAfee Labs Threats Report: June 2018, examining the growth and trends of new malware, ransomware, and other threats in Q1 2018. McAfee Labs saw on average five new threat samples every second, including growth in cryptojacking and other cryptocurrency mining malware, and notable campaigns demonstrating a deliberate drive to technically improve upon…
House Passes Bill to Enhance Industrial Cybersecurity
The U.S. House of Representatives on Monday passed a bill aimed at protecting industrial control systems (ICS), particularly ones used in critical infrastructure, against cyberattacks. The legislation, H.R. 5733, formally known as the “DHS Industrial Control Systems Capabilities Enhancement Act,” was introduced on May 9 by Rep. Don Bacon (R-NE) and it was approved by…
Know what’s happening on your network and make the most of your security tools
In an ideal world, all organizations would know at all times exactly what’s happening on their network: they would have deep enough pockets to buy the equipment and engage the personnel necessary to achieve this knowledge, no matter how much the speed and size of their network increases. In this world, though, budgetary constraints force…
Twitter adds support for login verification with USB security key
Twitter has some good news for users looking to improve the security of their account: the company has begun rolling out the “login verification with a security key” option. Twitter announced on Tuesday several new measures to fight abuse, trolls, and spam on the social network and, within that announcement, it offered advice on how…
Microsoft offers new Azure AD tool to nix easily guessed passwords
Predictable, easy-to-guess passwords are often the weak link that ends up breaking the security chain and attackers know this. “They know to account for character substitutions like ‘$’ for ‘s’. They also that if there are complexity rules, most people will apply them in the same way: by starting a word with a capital letter…
How to Prioritize Security Vulnerabilities in SecDevOps
Software development has shifted into overdrive to keep pace with the demand for rapid releases. To meet this challenge, the industry has moved in recent years to the far more agile development and operations (DevOps) model, which has enabled companies to push out releases faster and more efficiently. However, more code means more vulnerability alerts….
Unrestricted access to systems and files exposes organizations to cybercrime
UK organisations are leaving themselves vulnerable to cybercrime with over a third of 18-24-year-olds able to access any files on their company network, and only one in five having to request permission to access specific files. Less than half (43%) are restricted to accessing only the files that are relevant to their work. This is…
Cybersecurity – how confident (complacent?) are you?
Attention all cybersecurity professionals! We all know that today’s cybersecurity landscape is an ever-changing one. So how often should organizations review their cybersecurity strategy? If it’s a question that hasn’t been asked in a while, chances are that in this world of constant threat, you’re probably at risk. For despite the near constant stream of…