For many Chief Information Security Officers (CISOs), reporting to the board of directors has been handled as a reactionary, albeit very necessary task. After all, it’s the board of directors that sit atop the corporate governance model, so it is incumbent upon security professionals to keep them informed. But communicating about security incidents—like the Log4j…

Software-defined WAN, better known today as SD-WAN, is not the same technology that it was when it first got started. In the beginning, SD-WAN was essentially a way to enable organizations to use inexpensive broadband connectivity to connect back to the data center. It was a lower-cost alternative to other fixed-connectivity WAN options, most notably multiprotocol…

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software covering password management, dark web monitoring, digital file storage and messaging, today announced the acquisition of Glyptodon, the creator of Glyptodon Enterprise, a remote access gateway which provides DevOps and IT teams with effortless access to RDP, SSH, VNC and Kubernetes endpoints through a…

CyberMDX offers a solution that helps healthcare organizations continuously discover connected medical devices, visualize network flow, manage assets, and obtain risk assessment and security reports. It also delivers defense capabilities, as well as operational analytics and insights. Forescout says the acquisition will strengthen its out-of-the-box support for connected device types across IT, IoT, operational technology…

Security today relies on cryptography, an information-protection technology that uses algorithms to transform messages into a form that is difficult for a third party to decipher. For decades, computers and networks have relied on cryptography to provide confidentiality and integrity, and for common tasks like authentication. Arguably, it has become the backbone of modern cybersecurity…

California-based engineer and entrepreneur Lou Montulli said the original “cookie” he created decades ago was intended to make life online easier by letting websites remember visitors. Yet the technology has become a lightning rod, attacked for helping tech companies collect data on consumers’ habits key to the targeted web ad business that makes many billions…

If there existed a prize for the most pervasive, critical, and least-known middleware technology, the Data Distribution Service (DDS) standard would certainly win it. When we first presented the results of this research at the Black Hat Europe Briefings, the audience appeared to be completely unaware (embarrassed, even) that the DDS drives railways, autonomous cars,…

Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional “physical security,” a host of frontiers like AI, cloud computing, IoT, and cybersecurity are being rapidly pioneered by entities big and small…

Of the newly patched security flaws, nine are rated high-severity while six carry a “medium-severity” rating. The most important of these issues is CVE-2022-22746, a race condition leading to the bypass of full-screen notification on Windows machines. Next in line is CVE-2022-22743, another fullscreen spoof, this time affecting the browser window. The bug could allow…

The European Data Protection Supervisor said Monday that Europol was notified of the order on Jan. 3 following an inquiry that started in 2019. As part of the investigation, the EDPS said it reprimanded Europol two years ago “for the continued storage of large volumes” of such data, “which poses a risk to individuals’ fundamental…