Panther Labs surveyed 400 active security practitioners, primarily, security analysts and security engineers, to reflect the “boots on the ground” perspective for security teams. The goal of the research was to better understand how effective their current tools and processes are, improvements they recommend making going forward, the challenges they face, and projections for the…

The Biden White House continued its efforts to shore up US cyber defenses by signing two bills into law, both with the goal of helping cybersecurity expertise and resources flow freely between federal agencies and down to municipalities in need of resources. The first piece of cybersecurity legislation, called the Federal Rotational Cyber Workforce Program…

Security teams should prepare for what researchers say will be a challenging environment through 2023, with increased pressure from government regulators, partners, and threat actors. Gartner kicked off its Security & Risk Management Summit with the release of its analysts’ assessments of the work ahead, which Richard Addiscott, the company’s senior director analyst, discussed during…

According to the “2022 Verizon Data Breach Investigations Report,” stolen credentials were the top path leading to data breaches. More often than phishing or exploiting vulnerabilities, attackers gain direct access to credentials, letting them virtually walk into victim organizations using the front door. Low-code/no-code platforms make it extremely easy for users to share their credentials…

Live events such as concerts and sports games are generally chock-full of action, both on the field and behind the scenes. IT and security teams managing these venues navigate a complex environment that includes a traditional corporate infrastructure, special equipment required for the event, a large army of suppliers and contractors, and all of the…

Researchers have discovered a denial-of-service (DoS) vulnerability in Envoy Proxy, which gives attackers the opportunity to crash the proxy server. This could lead to performance degradation or unavailability of resources handled by the proxy, according to JFrog Security Research, which disclosed the vulnerability (CVE-2022-29225). Envoy is a widely used open source edge and service proxy…

The pandemic-propelled shift to work-from-home and bring-your-own-devices accelerated the already expanding move to the cloud. IDC predicts that global cloud spending will grow from $703 billion in 2021 to $1.3 trillion in 2025. Statista reports that the percentage of corporate data stored on the cloud rose from 30% in 2015 to 48% at the beginning…

At RSA Conference 2022, Malwarebytes announced the expansion of its Nebula platform with a new DNS Filtering module available for Windows on June 14 and for Mac in July. Malwarebytes DNS Filtering is powered by Cloudflare‘s zero trust platform to deliver a flexible and comprehensive zero trust solution for Nebula users. Malwarebytes DNS Filtering module…

Businesses are investing substantial funds and efforts into migrating workloads from on-premises infrastructure to public clouds, in part motivated by the hypothesis that, once cloud-based, those workloads will be relatively easy to move from one cloud provider to another. Unfortunately, the reality is unlikely to be so simple. It’s been estimated that about half of…

As the cyber attack surface continues to rapidly expand, enterprises need a security solution that can help organizations to better understand, communicate, and mitigate cyber risk across their entire IT ecosystem. And with many offerings on the market, choosing the right product can be challenging. CISOs can make a more informed decision by leveraging the…