The Biden Executive Order was a catalyst for action, with tight delivery times for action, including promotion of SBOM and Zero Trust. The cyber-physical nexus and expanding threat surface mean it’s not easy to maintain vigilance, but recognizing that is the first step.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
XM Cyber has purchased Cyber Observer to help customers ensure their security products are installed and configured correctly and not opening up potential attack vectors. The deal will help customers see both their areas of exposure as well as how their existing security controls can react.
IronNet is laying off 17% of its employees in a cost-cutting effort just 10 months after going public by merging with a special purpose acquisition company. The 55 layoffs will occur by the end of June and the company will spend the $1 million allocated for severance and other termination benefits.
Modern applications and architectures are permeating more deeply into organizations to transform back-office functions as well as those that directly affect the customer experience, according to Kara Sprague, F5's executive vice president and general manager of application delivery.
The proliferation of IoT devices and cloud has created a more vulnerable attack landscape, while technologies such as AI and deep learning can potentially thwart zero-day threats, says Itai Greenberg, chief strategy officer at Check Point Software Technologies.
In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
Until its disruption earlier this year, the Russian-language Hydra marketplace was the world's largest darknet market. Studying how Hydra became such a success will be key to tracking and disrupting future darknet markets, says Ian Gray, senior intelligence director at Flashpoint.
The discovery and subsequent exploitation of a critical zero-day vulnerability in Apache's Log4j open-source library has highlighted the importance of code security in today's threat landscape, says Steve Wilson, security chief product officer at Contrast.
The war between Russia and Ukraine isn't an abstract concern for SecurityScorecard CEO Aleksandr Yampolskiy. It's a deeply personal one since Yampolskiy, who is now a U.S. citizen, grew up in Russia and rode the train to Ukraine every summer to visit his grandmother.
Business-critical applications, the crown jewels of the modern enterprise, are increasingly targeted due to their significant value, and many organizations are struggling to secure them. These systems must be properly deployed, monitored and maintained, says Onapsis CEO Mariano Nunez.
Anyone using machine-learning models to support so-called artificial intelligence capabilities must prioritize ethical design to ensure the systems work equally well for all, says industry veteran Diana Kelley. She also discusses how to include and keep people in cyber.
Microsoft’s June rollout of security flaw fixes includes patching Follina, a zero-day exploit launched via malicious Office documents which has been spotted being exploited in the wild. From July users with E3 licenses and above will have the option of automatic updates instead of manual Patch Tuesday fixes.
Organizations face major challenges gaining visibility into networks that grow more complex by the day, and Corelight CEO Brian Dye says the open-source community can help with gathering evidence and insights from networks so that the perimeter is better secured.
The disruption of the Netwalker ransomware group in January 2021 by U.S. and Bulgarian authorities highlights how blockchain can be an Achilles' heel for cryptocurrency-using criminals, says Jackie Burns Koven, cyberthreat intelligence lead at Chainalysis.