News

Cloud Data Storage Encryption and Data Protection Best Practices

• August 02, 2019 02 Aug'19

  Capital One breach suspect may have hit other companies

  History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.

• August 01, 2019 01 Aug'19

  SafeBreach launches new platform to prioritize, mitigate security gaps

  SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first.

• July 31, 2019 31 Jul'19

  Project Zero drops six iOS vulnerabilities ahead of Black Hat

  Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction.

• July 31, 2019 31 Jul'19

  Qualys IOC 2.0 update improves threat detection and response

  Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks.

• July 30, 2019 30 Jul'19

  FBI charges former AWS engineer in Capital One breach

  The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.

• July 30, 2019 30 Jul'19

  AT&T introduces managed threat detection and response service

  Using AlienVault threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches.

• July 30, 2019 30 Jul'19

  URGENT/11 VxWorks vulnerabilities affect millions of devices

  Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system.

• July 30, 2019 30 Jul'19

  2019 data breach disclosures: 10 of the biggest -- so far

  Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.

• July 29, 2019 29 Jul'19

  Untangling GDPR fines with Synopsys' Tim Mackey

  Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.

• July 25, 2019 25 Jul'19

  D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0

  With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats.

• July 24, 2019 24 Jul'19

  Citrix breach blamed on poor password security

  An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.

• July 23, 2019 23 Jul'19

  Slide deck brings BlueKeep exploit closer to the wild

  After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch.

• July 23, 2019 23 Jul'19

  Researchers fool Cylance AI antimalware with 'simple' bypass

  Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI."

• July 22, 2019 22 Jul'19

  Equifax to pay up to $700 million in data breach settlement

  Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers.

• July 19, 2019 19 Jul'19

  Enzoic for Active Directory brings continuous password protection

  Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords.