Tag: infosec
-
New infosec products of the week: April 4, 2025
in SecurityNews
Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Bitsight, Bluefin, CyberQP, and Exabeam. Exabeam Nova accelerates threat …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/04/04/new-infosec-products-of-the-week-april-4-2025/
-
6 hard-earned tips for leading through a cyberattack, from CSOs who’ve been there
in SecurityNews
Tags: attack, awareness, breach, business, cisco, ciso, control, cyber, cyberattack, cybersecurity, data, group, incident response, infosec, infrastructure, lessons-learned, military, open-source, phishing, phone, privacy, programming, ransomware, security-incident, service, skills, software, strategy, threat, training, update
Develop muscle memory, and patience, through simulations: Authority under crisis is meaningless if you can’t establish followership. And this goes beyond the incident response team: CISOs must communicate with the entire organization, a commonly misunderstood imperative, says Pablo Riboldi, CISO of nearshore talent provider BairesDev. “I find that employee involvement tends to be overlooked during cyberattacks.…
-
Check Point confirms breach, but says it was ‘old’ data and crook made ‘false’ claims
in SecurityNews
Explanation leaves a ‘lot of questions unanswered,’ says infosec researcher
First seen on theregister.com
Jump to article: www.theregister.com/2025/03/31/check_point_confirms_breach/
-
Infosec products of the month: March 2025
in SecurityNews
Tags: infosec
Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/03/28/infosec-products-of-the-month-march-2025/
-
US defense contractor cops to sloppy security, settles after infosec lead blows whistle
in SecurityNews
MORSE to pay -- .. .-.. .-.. .. --- -. ... for failing to meet cyber-grade
First seen on theregister.com
Jump to article: www.theregister.com/2025/03/26/us_defense_contractor/
-
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish
in SecurityNews
16,000 stolen records pertain to former and active mail subscribers
First seen on theregister.com
Jump to article: www.theregister.com/2025/03/25/troy_hunt_mailchimp_phish/
-
CISOs are taking on ever more responsibilities and functional roles, has it gone too far?
in SecurityNews
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threat
th century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains. “The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
11 hottest IT security certs for higher pay today
in SecurityNews
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windows
Offensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…
-
New infosec products of the week: March 21, 2025
in SecurityNews
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks. Keysight AI …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/03/21/new-infosec-products-of-the-week-march-21-2025/
-
New infosec products of the week: March 14, 2025
in SecurityNews
Tags: infosec
Here’s a look at the most interesting products from the past week, featuring releases from Alloy, Detectify, Pondurance, and SimSpace. SimSpace Stack Optimizer allows …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/03/14/new-infosec-products-of-the-week-march-14-2025/
-
CISA worker says 100-strong red team fired after DOGE cancelled contract
Election infosec advisory agency also shuttered
First seen on theregister.com
Jump to article: www.theregister.com/2025/03/12/cisa_staff_layoffs/
-
What is risk management? Quantifying and mitigating uncertainty
in SecurityNews
Tags: breach, business, cio, ciso, compliance, control, cyber, cyberattack, data, finance, flaw, framework, governance, healthcare, infosec, infrastructure, insurance, international, jobs, mitigation, monitoring, nist, risk, risk-analysis, risk-assessment, risk-management, software, strategy, technology, tool, vulnerability
How do organizations structure risk management operations?: Risk management has in some organizations traditionally been multicentric, with different departments or individuals within the org implementing risk management techniques in their work: Risk management is a component of good project management, for instance. IT leaders in particular must be able to integrate risk management philosophies and…
-
New infosec products of the week: March 7, 2025
in SecurityNews
Here’s a look at the most interesting products from the past week, featuring releases from Outpost24, Palo Alto Networks, Red Canary, and Sonatype. Outpost24 introduces …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/03/07/new-infosec-products-of-the-week-march-7-2025/
-
Infosec products of the month: February 2025
in SecurityNews
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/02/28/infosec-products-of-the-month-february-2025/
-
Ghost ransomware crew continues to haunt IT depts with scarily bad infosec
in SecurityNews
FBI and CISA issue reminder – deep sigh – about the importance of patching and backups
First seen on theregister.com
Jump to article: www.theregister.com/2025/02/20/fbi_beware_of_ghost_ransomware/
-
Healthcare outfit that served military personnel settles allegations it faked infosec compliance for $11M
in SecurityNews
If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help
First seen on theregister.com
Jump to article: www.theregister.com/2025/02/19/decadeold_healthcare_security_snafu_settled/
-
New infosec products of the week: February 14, 2025
in SecurityNews
Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto Networks Cortex …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/02/14/new-infosec-products-of-the-week-february-14-2025/
-
US lawmakers press Trump admin to oppose UK’s order for Apple iCloud backdoor
in SecurityNews
Senator, Congressman tell DNI to threaten infosec agreements if Blighty won’t back down
First seen on theregister.com
Jump to article: www.theregister.com/2025/02/13/us_demand_uk_apple_backdoor_close/
-
Sophos sheds 6% of staff after swallowing Secureworks
in SecurityNews
De-dupes some roles, hints others aren’t needed as the infosec scene shifts
First seen on theregister.com
Jump to article: www.theregister.com/2025/02/13/sophos_secureworks_layoff/
-
Fortinet discloses second authentication bypass vulnerability
in SecurityNews
Fortinet disclosed CVE-2025-24472 in an updated advisory that confused some in the infosec community because it stated that ‘reports show this is being exploited in the wild.’
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366619314/Fortinet-discloses-second-authentication-bypass-vulnerability
-
Getting the Most Value out of the OSCP: Pre-Course Prep
in SecurityNews
Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windows
The first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting
Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
-
UK armed forces fast-tracking cyber warriors to defend digital front lines
in SecurityNews
High starting salaries promised after public sector infosec pay criticized
First seen on theregister.com
Jump to article: www.theregister.com/2025/02/10/uk_armed_forces_cyber_hires/
-
Infosec pros struggle under growing compliance
in SecurityNews
The implementation of new regulatory measures that impact the UK, EU, and beyond is driving organizations to enhance vigilance in addressing evolving cybersecurity and …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/02/07/infosec-pros-compliance-pressure/
-
New infosec products of the week: February 7, 2025
in SecurityNews
Tags: infosec
Here’s a look at the most interesting products from the past week, featuring releases from Dynatrace, Nymi, Qualys, SafeBreach, and Satori. Qualys TotalAppSec enables …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/02/07/new-infosec-products-of-the-week-february-7-2025/
-
Musk’s DOGE effort could spread malware, expose US systems to threat actors
in SecurityNews
Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, tool
Over the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
-
Proactive Vulnerability Management for Engineering Success
in SecurityNews
By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software.
First seen on darkreading.com
Jump to article: www.darkreading.com/vulnerabilities-threats/proactive-vulnerability-management-engineering-success
-
Hackers game out infowar against China with the US Navy
in SecurityNews
Taipei invites infosec bods to come and play on its home turf
First seen on theregister.com
Jump to article: www.theregister.com/2025/01/20/china_taiwan_wargames/
-
US hits back against China’s Salt Typhoon group
in SecurityNews
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability
The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…