American Public University System (APUS) is partnering with the U.S. Cyber Command (CYBERCOM) to help strengthen the country’s cybersecurity posture. APUS has been selected to be a member of CYBERCOM’s Academic Engagement Network (AEN), a collaborative effort between academia and CYBERCOM to leverage the capabilities and talents of both groups to provide a more robust cyber defense. The…

In my last article, I discussed the trade-offs we often make between complexity and capabilities when adopting new security tools and why there is often a point of diminishing returns in terms of the value derived from these tools as we layer on incremental functionality. In this article, I delve a bit deeper into the…

More than half of the world’s websites use Google Analytics to help their owners understand the behavior of users. The software, which deploys cookies to track user behavior, costs nothing in cash terms — though the vast trove of data helps to fuel Google’s massive profits. However, in 2020 the framework overseeing how personal data…

Ransomware attackers demanded dramatically higher ransom fees last year, and the average ransom payment rose by 78% to $541,010, according to data from incident response (IR) cases investigated by Palo Alto Networks Unit 42. IR cases by Unit 42 also saw a whopping 144% increase in ransom demands, to $2.2 million. According to the report,…

Red Canary’s 2022 Threat Detection Report (PDF) analyzed more than 30,000 confirmed threats across the firm’s customer base. The report notes that ransomware criminals have responded to improving target company backups by introducing sensitive data exfiltration and the threat of exposure (double extortion). “Backups will allow an organization to get back up and running more…

On March 10, Dell announced patches for five SMM vulnerabilities in the UEFI – the successor of the BIOS firmware interface – of 45 device models, including multiple Alienware, Inspiron, and Vostro laptop models. Tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, the high-severity security bugs (CVSS score of 8.2) are described as improper input…

The funding round was co-led by Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA). Founded a decade ago, ForAllSecure is focused on automating software testing to improve security, and already serves Fortune 1000 companies in sectors such as aerospace, automotive, and high-tech, as well as the US military. Named Mayhem, the company’s autonomous security…

Business planning SaaS (software-as-a-service) software maker Anaplan is being acquired by private equity firm Thoma Bravo for $10.7 billion. Founded in the UK and now based in San Francisco, Anaplan offers cloud-based finance and planning software and counts almost 2,000 customers worldwide, including Coca-Cola, Shell, Thomas Cook and VMware. The company went public in 2018,…