5 Steps For Rethinking Vulnerability Management

Sometimes security and risk management professionals – even corporate executives and boards – are so focused on protecting against sophisticated attacks that they take their eyes off the seemingly mundane, but no less important, tasks required to secure an enterprise. Basic vulnerabilities in software and infrastructure are the perfect example. Vulnerability discovery is one area […]

How Your Product Team Can Integrate Security Throughout Software Development Lifecycles

Cybersecurity

Integrating security into DevOps to deliver DevSecOps is no easy task: It requires changing the team’s mindset, processes, and technology. Each company’s ultimate goal should be to keep DevOps collaborative and agile, which means making security silent in DevSecOps. To accomplish this, your team will require very close integration with security systems. This calls for […]

Operating System Bug Exposes 200 Million Critical Devices

Reports have surfaced about a group of vulnerabilities in OS VxWorks that impacts more than 200 million critical devices. It appears that VxWorks is primarily designed for medical equipment, elevator controllers and satellite modems.  According to reports, there is a cluster of 11 vulnerabilities in the platform’s networking protocols, six of which could conceivably give an attacker […]

The Resilience Imperative

Tech Bubbles that Work in Valleys

Companies today are exposed to an increasingly complex array of risks, threats and uncertainties, which are only expected to accelerate in the years to come. Whether driven by technological developments, cybersecurity threats, data privacy concerns, or natural disasters, coping with accelerating change and the evolving threat landscape is no longer a business advantage, it’s a […]

SysAdmin Day 2019: How Going Unnoticed Means A Job Well-Done

Centrify

No matter what the industry, you will find employees that often fly under the radar, going mostly unnoticed despite the essential part they play to keep the businesses up and running. System Administrators, or SysAdmins, are one of these humble cogs in the wheel that have a very important job – to consistently monitor and […]

Why DNS Is Vital To Keeping The Digital Economy Afloat

Despite its importance in ensuring the smooth running of apps, DNS remains one of the most underappreciated application services of today. Its failure is potentially catastrophic, and could bring the digital economy to its knees within minutes, so why is DNS not getting the attention it deserves?  DNS enables us to translate domain names to […]

Sephora Breach: Expert Commentary

International beauty retailer Sephora has emailed customers in the Southeast Asia region to inform them it has discovered a breach that occurred within the last fortnight. Sephora said some personal information may have been exposed to unauthorised third parties, including first and last name, date of birth, gender, email address, and encrypted password, as well […]

Vulnerabilities Can Allow Hackers To Bypass £30 On Visa Contactless Limit

Financial Account Information being Stolen During a Cyber Attack

Security researchers have discovered flaws that could allow hackers to bypass the UK contactless verification limit of £30 on Visa contactless cards. The researchers, from Positive Technologies, tested the attack with five major UK banks, successfully bypassing the UK’s £30 limit (which is used to safeguard against fraudulent losses) on all tested Visa cards, irrespective of the card terminal. They also […]

Capital One Suffers Data Breach Affecting 100 Million Customers

Capital One is reporting a massive data breach affecting 100 million people in the US that exposed the names, addresses, phone numbers and email addresses they used on their credit card applications. The announcement has come after the alleged hacker, an ex-AWS employee was arrested and charged with a single count of computer fraud. Prosecutors […]

Silicon Valley Grand Jury Election Security Report

Cybersecurity industry executives reacted to a new report issued by a San Mateo, California grand jury this week focuses on the vulnerabilities of the County’s email and online communication platforms to hijacking and propagating disinformation in the guise of election instructions or announcements.