News

News

• July 13, 2020 13 Jul'20

  RSA finds two-thirds of phishing attacks directed at Canada

  RSA Security researchers found that nearly 70% of phishing attacks were directed at users in Canada, while the majority of attacks come from U.S.-based ISPs and hosting providers.

• July 10, 2020 10 Jul'20

  Cybercriminals auction off admin credentials for $3,000

  Threat actors are auctioning off domain administrator accounts, selling access to the highest bidder for an average of $3,139 and up to $140,000, according to Digital Shadows.

• July 09, 2020 09 Jul'20

  Data theft in ransomware attacks may change disclosure game

  Many ransomware attacks aren't publicly disclosed. But as ransomware gangs continue to steal, encrypt and threaten to publicly release data, that may be changing.

• July 08, 2020 08 Jul'20

  Microsoft seizes malicious domains used in COVID-19 phishing

  Microsoft went to court to seize several malicious domains that were used by cybercriminals in extensive phishing and BEC attacks on Office 365 accounts amid the current pandemic.

• July 06, 2020 06 Jul'20

  Critical F5 Networks vulnerability under attack

  A critical remote code execution vulnerability that was disclosed and patched just days ago is already being exploited by threat actors.

• Sponsored News

  • It’s Time to Modernize Your SOC

    Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

  • 6 Factors to Consider in Building Resilience Now

    Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

  • Why Zero Trust, Why Now

    Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

  • 5 Best Practices To Secure Remote Workers

    Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

  View All Sponsored News
• July 01, 2020 01 Jul'20

  Microsoft fixes Windows Codecs flaws with emergency patches

  Microsoft addressed two vulnerabilities, one rated critical and the other rated important, after being alerted by a researcher with Trend Micro's Zero Day Initiative.

• July 01, 2020 01 Jul'20

  Snake ransomware poses unique danger to industrial systems

  The new ransomware family known as Snake, or Ekans, is designed for organizations with industrial control systems and has already struck at least two enterprises.

• June 29, 2020 29 Jun'20

  Record-setting DDoS attacks indicate troubling trend

  Akamai Technologies recently mitigated two of the largest DDoS attacks ever recorded on its platform, including a massive 809 million packets per second attack against a bank.

• June 26, 2020 26 Jun'20

  Maze ransomware hit biggest target yet with LG breach

  The operators of Maze ransomware claim to have breached LG, offering three screenshots as proof. One of those screenshots features LG product source code.

• June 25, 2020 25 Jun'20

  Open source vulnerabilities down 20% in 2019

  Snyk recently released its fourth annual 'State of Open Source Security' report, which analyzed open source statistics, vulnerability trends and security culture.

• June 23, 2020 23 Jun'20

  MSPs scramble to bolster security amid ransomware spike

  After a flurry of devastating ransomware attacks in 2019, MSPs and vendor partners are improving security to prevent history from repeating during the pandemic.

• June 22, 2020 22 Jun'20

  Microsoft acquires CyberX to strengthen IoT security offering

  Microsoft is acquiring CyberX to boost its IoT security offerings, though it's unknown whether CyberX will remain a separate entity or be integrated into Microsoft.

• June 19, 2020 19 Jun'20

  Risk & Repeat: Vault 7 report slams CIA security practices

  This week's Risk & Repeat podcast discusses the CIA's internal task force report on the Vault 7 leak, which blasted the agency for a variety of serious security lapses.

• June 18, 2020 18 Jun'20

  New Cisco Webex vulnerability exposes authentication tokens

  Trustwave SpiderLabs researchers disclosed a vulnerability in Cisco Webex software that leaks information stored in memory, including authentication tokens.

• June 16, 2020 16 Jun'20

  ZDI drops 10 zero-day vulnerabilities in Netgear router

  Trend Micro's Zero Day Initiative published 10 vulnerabilities in Netgear's R6700 router that have gone unpatched for seven months.

• June 16, 2020 16 Jun'20

  CIA unaware of Vault 7 theft until WikiLeaks dump

  An internal CIA report from the Wikileaks Task Force blasted the agency over the leak of the Vault 7 cyberweapons, which exposed dangerous hacking tools and vulnerabilities.

• June 16, 2020 16 Jun'20

  Repeat ransomware attacks: Why organizations fall victim

  Some organizations get hit with ransomware multiple times. Threat researchers explain why repeat attacks happen and how victims can prevent it from occurring again.

• June 11, 2020 11 Jun'20

  Italian company implicated in GuLoader malware attacks

  While analyzing the network dropper GuLoader, researchers found an almost identical commercial software tool called CloudEye offered by a legitimate-looking Italian company.

• June 10, 2020 10 Jun'20

  New 'Thanos' ransomware weaponizes RIPlace evasion technique

  Recorded Future's Insikt Group uncovered a new ransomware-as-a-service tool named 'Thanos' that's the first ransomware to use the hard-to-detect RIPlace technique.

• June 10, 2020 10 Jun'20

  Maze ransomware builds 'cartel' with other threat groups

  Operators behind the Maze ransomware posted data leaks from competing ransomware gangs to their victim shaming website, suggesting they have joined forces.

• June 09, 2020 09 Jun'20

  'CallStranger' vulnerability affects billions of UPNP devices

  A new vulnerability in the Universal Plug and Play protocol could be used to exfiltrate enterprise data and launch DDoS attacks, and patches may not arrive for a long time.

• June 08, 2020 08 Jun'20

  CISA warns Microsoft SMB v3 vulnerability is under attack

  CISA issued an alert Friday about attacks on a Microsoft Server Message Block v3 vulnerability and a proof-of-concept code that exploits the flaw in unpatched systems.

• June 05, 2020 05 Jun'20

  Chinese, Iranian hackers targeted Trump and Biden campaigns

  Shane Huntley, director of Google's Threat Analysis Group, announced that two state-backed APT groups targeted campaign staff for both Joe Biden and President Donald Trump.

• June 05, 2020 05 Jun'20

  Risk & Repeat: Are ransomware groups joining forces?

  This week's Risk & Repeat podcast discusses the prospect of ransomware gangs working together and what it could mean for enterprises and the overall threat landscape.

• June 04, 2020 04 Jun'20

  Remote work cybersecurity a concern during pandemic

  Recent surveys by NordVPN and Kaspersky found that more than 60% of employees use personal devices as they work from home due to the coronavirus -- which creates cybersecurity issues.

• June 04, 2020 04 Jun'20

  Attacks on Exim vulnerability continue one year later

  Though the Exim mail transfer agent vulnerability was publicly disclosed in June 2019, a significant number of unpatched versions remain online and are at risk of attacks.

• June 02, 2020 02 Jun'20

  VMware vulnerability enables takeover of cloud infrastructure

  A new vulnerability in VMware Cloud Director allowed any user to obtain control of any virtual machine on a public or private cloud, according to ethical hacking firm Citadelo.

• May 29, 2020 29 May'20

  Cisco servers breached through SaltStack vulnerabilities

  Threat actors exploited critical SaltStack flaws, which were disclosed and patched last month, in a Cisco product to breach several of the networking company's salt-master servers.

• May 28, 2020 28 May'20

  Supply chain attack hits 26 open source projects on GitHub

  Threat actors conducted an unprecedented supply chain attack by using malware known as Octopus Scanner to create backdoors in open source projects, which were uploaded to GitHub.

• May 26, 2020 26 May'20

  StrandHogg 2.0 allows attackers to imitate most Android apps

  A new elevation-of-privilege vulnerability on Android, dubbed StrandHogg 2.0, allows threat actors to gain access to most apps, according to Norwegian mobile security firm Promon.

• May 26, 2020 26 May'20

  Mandiant dishes on notorious Maze ransomware group

  Mandiant threat researchers navigate the tools, tactics and procedures of the Maze ransomware group, which has become notorious for "shaming" victims with stolen data.

• May 22, 2020 22 May'20

  Ragnar Locker ransomware attack hides inside virtual machine

  Threat actors have developed a new type of attack method by hiding Ragnar Locker ransomware inside a virtual machine to avoid detection.

• May 22, 2020 22 May'20

  Risk & Repeat: When will mobile voting be ready?

  This week's Risk & Repeat podcast examines the rise of mobile voting apps and how security experts have expressed concerns about the risks deploying the technology for elections.

• May 20, 2020 20 May'20

  Forescout sues Advent for calling off acquisition

  Forescout Technologies filed a lawsuit against Advent International, claiming the private equity firm violated the terms of its $1.9 billion acquisition agreement.

• May 19, 2020 19 May'20

  Verizon DBIR: Breaches doubled, but plenty of silver linings

  The 2020 Verizon Data Breach Investigations Report showed the number of confirmed breaches last year nearly doubled, but it also highlighted some positive trends.

• May 18, 2020 18 May'20

  Texas struck by two ransomware attacks in one week

  The Texas Department of Transportation was hit with a ransomware attack last Thursday, marking the second ransomware incident on a state agency in less than a week.

• May 18, 2020 18 May'20

  Advent calls off Forescout acquisition

  On what was scheduled to be the closing day, Forescout Technologies instead announced Advent International will not proceed with the $1.9 billion acquisition as planned.

• May 15, 2020 15 May'20

  Risk & Repeat: Black Hat, DEF CON canceled

  This week's Risk & Repeat podcast looks at the recent cancellations of Black Hat USA 2020 and DEF CON 28 and what their virtual replacements will try to accomplish.

• May 14, 2020 14 May'20

  CISA identifies malware from North Korean hacking group

  The Cybersecurity and Infrastructure Security Agency, in conjunction with the FBI and DoD, has identified three variants of malware used by the North Korean government.

• May 13, 2020 13 May'20

  Experts say mobile voting tech isn't the answer to COVID-19

  Despite the mounting need for another alternative to in-person voting amid the COVID-19 pandemic, experts say mobile and online voting is just not ready for the general public.

• May 12, 2020 12 May'20

  Q1 data breaches down, but exposed records reach new high

  Threat intelligence firm Risk Based Security released its 2020 Q1 Report, which shows a 273 percent increase in exposed records and 42 percent decrease in publicly reported breaches.

• May 11, 2020 11 May'20

  Volunteers join forces to tackle COVID-19 security threats

  The COVID-19 Cyber Threat Coalition has amassed approximately 4,000 volunteers from the infosec community to monitor, analyze and block pandemic-themed threats across the globe.

• May 07, 2020 07 May'20

  Advanced Computer Software leak exposes nearly 200 law firms

  Researchers at cybersecurity vendor TurgenSec discovered an exposed database owned by Advanced Computer Software that contained legal documents with data from 190 law firms.

• May 06, 2020 06 May'20

  GitHub security features tackle data exposures, vulnerabilities

  In in effort to curb accidental data exposures in repositories, GitHub unveiled a new 'secret' scanning tool that examines public and private code repositories for sensitive data.

• May 06, 2020 06 May'20

  Healthcare organizations sitting on 'unexploded' ransomware

  While threat reports show ransomware attacks against healthcare organizations are down, experts say threat actors may be lurking in networks and waiting to strike at a later date.

• May 05, 2020 05 May'20

  Research finds ransomware payments, demands increasing

  Research from incident response vendor Coveware and national law firm BakerHostetler show massive increases in both ransomware demands and payments from victims.

• May 05, 2020 05 May'20

  Critical SaltStack vulnerabilities exploited in several data breaches

  SaltStack patched two critical vulnerabilities in its software last week, but hackers used the flaws over the weekend to breach several unpatched networks and systems.

• May 01, 2020 01 May'20

  Risk & Repeat: RDP security under fire amid COVID-19

  This week's Risk & Repeat podcast looks at how Microsoft's Remote Desktop Protocol, already a popular vector with hackers, has received even more attention during the pandemic.

• May 01, 2020 01 May'20

  Shade ransomware decryptor released with 750,000 keys

  Kaspersky Lab released a decryptor tool after operators behind the ransomware variant announced a shutdown of operations and issued an apology for any harm caused.

• April 28, 2020 28 Apr'20

  Bugcrowd launches 'classic' penetration testing service

  The crowdsourcing security company launched the Bugcrowd Classic Pen Test service to offer enterprises a more cost-effective and efficient way to test their cybersecurity posture.

• April 27, 2020 27 Apr'20

  Zero-day flaw in Sophos XG Firewall exploited in attacks

  Sophos released an emergency patch over the weekend for its XG firewalls after threat actors exploited a zero-day SQL vulnerability in the products to steal customer data.

• April 24, 2020 24 Apr'20

  Emsisoft: U.S. ransomware attacks declined during pandemic

  In the first quarter of 2020, the number of successful ransomware attacks on government and healthcare organizations in the U.S. decreased to a level unseen in years, Emsisoft said.

• April 23, 2020 23 Apr'20

  COVID-19 strains critical certificate authority processes

  Border crossings. Police checkpoints. Security cages. Secret safes. These are just some of the hurdles certificate authorities face as they strive to maintain security during COVID-19.

• April 22, 2020 22 Apr'20

  New spear phishing campaign targets oil and gas industry

  Bitdefender researchers identified new spear phishing campaigns against the oil and gas industry that include emails with no typos and perfect usage of industry terminology.

• April 22, 2020 22 Apr'20

  Ransomware, cloud attacks more than doubled in 2019

  New research by Trustwave shows 2019 saw huge increases in ransomware and cloud services attacks, as well as a big shift from spam toward business email compromise.

• April 20, 2020 20 Apr'20

  Cognizant discloses Maze ransomware attack

  Cognizant was attacked by the Maze ransomware gang, the company confirmed Saturday. It's unclear whether Cognizant clients were also breached or infected with ransomware.

• April 20, 2020 20 Apr'20

  Google unveils BeyondCorp Remote Access as VPN alternative

  Google unveiled a new iteration of its zero-trust network offering with BeyondCorp Remote Access, which is designed to help remote workers securely connect to critical web apps.

• April 17, 2020 17 Apr'20

  Ransomware attacks see 148% surge amid COVID-19

  VMware Carbon Black saw a 148% increase in ransomware attacks in March over baseline levels in February, plus a massive spike in attacks on financial institutions.

• April 16, 2020 16 Apr'20

  TPG Capital combines 3 vendors to form Digital.ai

  Private equity firm TPG Capital combined three acquisitions -- CollabNet VersionOne, XebiaLabs and Arxan Technologies -- to create the new DevSecOps-focused vendor.

• April 16, 2020 16 Apr'20

  Hackers embrace cryptocurrency laundering to evade the law

  Cybercriminals are turning to cryptocurrency laundering methods to hide illicit proceeds as law enforcement agencies find success in tracing bitcoin transactions.

• April 15, 2020 15 Apr'20

  Malware found on 45 percent of home office networks

  New research by BitSight compared malware infections on home office networks versus corporate networks, and the results were unsettling for remote enterprise users.

• April 14, 2020 14 Apr'20

  Russian threat group suspected of hacking SFO

  San Francisco International Airport disclosed a data breach affected employees and third-party contractors, and ESET researchers said a Russian APT was likely behind the attack.

• April 09, 2020 09 Apr'20

  APTs infiltrated Linux servers undetected for nearly 10 years

  New BlackBerry research shows how five APT groups operating on behalf of the Chinese government infiltrated enterprise Linux environments undetected for nearly a decade.

• April 09, 2020 09 Apr'20

  Risk & Repeat: Are Zoom security fears overblown?

  This week's Risk & Repeat podcast looks at the backlash against Zoom over security and privacy concerns and asks whether there's been an overreaction.

• April 08, 2020 08 Apr'20

  Researchers beat fingerprint authentication with 3D printing scheme

  New research by Cisco Talos shows popular fingerprint scanning technology can be defeated by lifting actual fingerprints and reproducing them through 3D printers.

• April 06, 2020 06 Apr'20

  Zoom takes new security measures to counter 'Zoombombing'

  Zoom has implemented two key security and privacy measures in order to counter 'Zoombombing.' One enables passwords in meetings by default, while the second creates waiting rooms.

• April 02, 2020 02 Apr'20

  Risk & Repeat: Zoom security comes under fire

  This week's Risk & Repeat podcast looks at several security issues Zoom faced over the last week, which led to questions about the company's privacy and security practices.

• April 02, 2020 02 Apr'20

  Zoom zero-day vulnerabilities patched a day after disclosure

  An ex-NSA hacker reported two zero-day vulnerabilities on his blog Wednesday. One of them can give an attacker control of a user's webcam and microphone. Zoom fixed both flaws quickly.

• April 02, 2020 02 Apr'20

  Beazley: Ransomware attacks on clients 'skyrocketed' in 2019

  The 2020 Beazley Breach Briefing reported a 131% increase in reported attacks against clients last year, and the insurance giant isn't expecting the trend to slow down.

• April 01, 2020 01 Apr'20

  Voatz disputes claims it was 'kicked off' HackerOne

  HackerOne has cut ties with Voatz, but the mobile voting vendor disputed reports that it was kicked off the bug bounty platform following controversy with security researchers.

• March 31, 2020 31 Mar'20

  FTC calls out VoIP providers over coronavirus robocalls

  The U.S. Federal Trade Commission warned nine voice over IP companies that 'assisting and facilitating' illegal robocalls related to COVID-19 is against the law.

• March 30, 2020 30 Mar'20

  Coronavirus phishing lures continue to dominate threat landscape

  Overall cybercrime activity isn't necessarily going up amid COVID-19, experts say. However, coronavirus-themed emails are becoming the dominant form of phishing attacks.

• March 27, 2020 27 Mar'20

  Cyberinsurance carrier Chubb investigating possible data breach

  Insurance giant Chubb confirmed it is investigating an incident that may involve the Maze ransomware group, which claims to have stolen sensitive data from the company.

• March 27, 2020 27 Mar'20

  Risk & Repeat: COVID-19 boosting social engineering attacks

  This episode of the Risk & Repeat podcast looks at how social engineering attacks have become more successful by taking advantage of the coronavirus pandemic.

• March 25, 2020 25 Mar'20

  China's APT41 attacks Citrix ADC flaws in cyberespionage campaign

  A dual cyberespionage and cybercrime group known as APT41 exploited vulnerabilities in Citrix NetScaler/ADC and other products in an extensive, global threat campaign.

• March 24, 2020 24 Mar'20

  Canon breach exposes General Electric employee data

  Canon Business Process Services was breached last month, according to an announcement by General Electric, which used Canon for employee document processing.

• March 24, 2020 24 Mar'20

  Cisco security GM discusses plan for infosec domination

  At RSA Conference 2020, Gee Rittenhouse, senior vice president and general manager of Cisco's security group, talks about the company's strategy to reshape the infosec industry.

• March 24, 2020 24 Mar'20

  RSA Conference 2020 guide: Highlighting security's human element

  What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.

• March 20, 2020 20 Mar'20

  Emsisoft, Coveware offer free ransomware services to hospitals

  As they grapple with the COVID-19 pandemic, healthcare providers will have free access to a range of ransomware-related services from security vendors Emsisoft and Coveware.

• March 19, 2020 19 Mar'20

  Deepfakes: Security experts undecided on the threat level

  Deepfakes may seem like a scary new threat in today's world, but should the world be worried? SearchSecurity asked numerous experts to weigh in at RSA Conference 2020.

• March 19, 2020 19 Mar'20

  Maze ransomware gang pledges to stop attacking hospitals

  The infamous Maze gang announced it has stopped ransomware attacks on healthcare and medical facilities because of the seriousness of the coronavirus pandemic.

• March 19, 2020 19 Mar'20

  Risk & Repeat: Coronavirus-themed threats on the rise

  This week's Risk & Repeat podcast looks at the disruption caused by COVID-19, as well as the sharp increase in cyberthreats designed to exploit the pandemic.

• March 17, 2020 17 Mar'20

  Ransomware attacks poised to disrupt coronavirus response efforts

  Experts fear that coronavirus-themed threats will escalate to ransomware attacks, and such attacks will disrupt response efforts at hospitals and city, state and local governments.

• March 13, 2020 13 Mar'20

  Ransomware attack hits Champaign-Urbana Public Health District

  A ransomware attack shut down Champaign-Urbana's public health website, hindering the city's ability to provide information and updates on the Coronavirus pandemic.

• March 11, 2020 11 Mar'20

  Microsoft discloses wormable SMBv3 flaw without a patch

  Microsoft disclosed a new remote code execution vulnerability associated with the Microsoft Server Message Block 3.1.1 (SMBv3) protocol, but there's currently no patch available.

• March 11, 2020 11 Mar'20

  Microsoft leads takedown of Necurs botnet

  Microsoft, BitSight and other partners used legal and technical steps to take control of one of largest botnets in the world that infected more than 9 million systems.

• March 09, 2020 09 Mar'20

  What's the biggest cybersecurity threat in 2020? Experts weigh in

  At RSA Conference 2020, SearchSecurity asked several experts what they considered to be the biggest cybersecurity threat this year. Here's what they said.

• March 09, 2020 09 Mar'20

  Researchers develop new side channel attacks on AMD chips

  Security researchers behind the Meltdown and Spectre flaws discovered new side channel attacks on AMD processors, but the chipmaker has opted not to patch them.

• March 06, 2020 06 Mar'20

  Intel CSME flaw deemed 'unfixable' by Positive Technologies

  Positive Technologies researchers discovered a previously disclosed vulnerability in the Intel Converged Security and Management Engine is worse than originally reported.

• March 06, 2020 06 Mar'20

  Risk & Repeat: Recapping RSA Conference 2020

  This Risk & Repeat podcast looks back at RSA Conference and discusses some of the highlights from the show, from ransomware trends to nation-state hacking discussions.

• March 05, 2020 05 Mar'20

  Amid expansion, BlackBerry security faces branding dilemma

  BlackBerry continues its push into security by addressing a number of endpoint devices. But analysts discuss whether the former mobile device maker has a perception problem.

• March 05, 2020 05 Mar'20

  Risky ransomware payments on the rise, attacks increasing

  Making payments to threat actors to retrieve data was once viewed in black-and-white terms. But RSA Conference attendees say attitudes about paying up have changed drastically.

• March 05, 2020 05 Mar'20

  With BEC/EAC threats rising, Proofpoint offers a new approach

  Business email compromise and email account compromise attacks are increasing and evolving. To keep up with threat actors, Proofpoint says a new approach is required.

• March 04, 2020 04 Mar'20

  Should ransomware payments be insurable? Experts weigh in

  Ransomware payments are insurable, but should they be? Several experts weighed in on the question, and the effect of cyberinsurance, during RSA Conference 2020.

• February 28, 2020 28 Feb'20

  RSA Conference panel tackles Huawei security risks

  Four panelists discussed the ban on the world's largest telecommunications equipment manufacturer in relation to to supply chain risk.

• February 28, 2020 28 Feb'20

  Thoma Bravo's Sophos acquisition near completion

  SearchSecurity has learned completion of the Sophos acquisition is imminent, though the endpoint security vendor says the deal has not officially closed.

• February 27, 2020 27 Feb'20

  CrowdStrike founder: China hacking indictments are working

  During his RSA Conference keynote, CrowdStrike co-founder Dmitri Alperovitch explains why the U.S. Department of Justice's indictments against Chinese hackers has been effective.

• February 26, 2020 26 Feb'20

  Target embraces cyber war gaming to improve incident response

  At an RSA Conference 2020 panel, Target explained how the company is using war gaming to simulate real attacks and data breaches in order to hone its incident response plan.

• February 25, 2020 25 Feb'20

  Securiti.ai wins RSA Innovation Sandbox Contest

  Securiti.ai, which offers an AI-powered 'PrivacyOps' platform, took home the title of 'Most Innovative Startup' at RSA Conference's Innovation Sandbox Contest.

• February 25, 2020 25 Feb'20

  RSA Security president: We're excited about sale to STG

  In his RSA Conference keynote, Rohit Ghai didn't say much about his company's sale to a private equity firm, instead urging attendees to focus on the 'human element' of security.