News
Cloud Data Storage Encryption and Data Protection Best Practices
- August 02, 2019
02 Aug'19
Capital One breach suspect may have hit other companies
History from a Slack channel run by the Capital One data breach suspect points to data stolen from more organizations, but no evidence of other attacks has been found yet.
- August 01, 2019
01 Aug'19
SafeBreach launches new platform to prioritize, mitigate security gaps
SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first.
- July 31, 2019
31 Jul'19
Project Zero drops six iOS vulnerabilities ahead of Black Hat
Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction.
-
- July 31, 2019
31 Jul'19
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks.
- July 30, 2019
30 Jul'19
FBI charges former AWS engineer in Capital One breach
The FBI arrested a former AWS engineer who allegedly stole data for more than 100 million Capital One customers and credit card applications, thanks to a misconfigured firewall.
- July 30, 2019
30 Jul'19
AT&T introduces managed threat detection and response service
Using AlienVault threat intelligence, AT&T Cybersecurity's Managed Threat Detection and Response service intends to identify and contain cybersecurity threats sooner to reduce data breaches.
- July 30, 2019
30 Jul'19
URGENT/11 VxWorks vulnerabilities affect millions of devices
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system.
- July 30, 2019
30 Jul'19
2019 data breach disclosures: 10 of the biggest -- so far
Enterprises have disclosed a number of significant data breaches in the first half of 2019. Here's a look at some of the biggest and most notable breaches so far this year.
- July 29, 2019
29 Jul'19
Untangling GDPR fines with Synopsys' Tim Mackey
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.
- July 25, 2019
25 Jul'19
D3 Security's Attackbot integrates Mitre ATT&CK in SOAR 2.0
With the Mitre ATT&CK framework, D3's SOAR 2.0 platform can identify and map security events, predict the kill chain and trigger automated responses to remediate threats.
-
- July 24, 2019
24 Jul'19
Citrix breach blamed on poor password security
An investigation revealed the password spraying attack that gave malicious actors access to Citrix systems resulted in only some business documents being stolen.
- July 23, 2019
23 Jul'19
Slide deck brings BlueKeep exploit closer to the wild
After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch.
- July 23, 2019
23 Jul'19
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI."
- July 22, 2019
22 Jul'19
Equifax to pay up to $700 million in data breach settlement
Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers.
- July 19, 2019
19 Jul'19
Enzoic for Active Directory brings continuous password protection
Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords.