Tag: technology
-
An easy to follow NIST Compliance Checklist
by
in SecurityNewsWe have seen how cyber attacks have disrupted organisations and businesses repeatedly. Mitigating emerging threats is crucial more than ever, and many organisations are at the forefront of combating them. One such organisation is the National Institute of Standards and Technology (NIST). NIST has released many Special Publications (SP) regulations, each containing guidelines for improving……
-
BlackBerry to Sell Cylance to Arctic Wolf
by
in SecurityNewsArctic Wolf plans to integrate Cylance’s endpoint detection and response (EDR) technology into its extended detection and response (XDR) platform. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/blackberry-sell-cylance-arctic-wolf
-
SandboxAQ Advances Global Cybersecurity Through Series of Milestones
by
in SecurityNewsSandboxAQ, a leading technology company, has achieved significant milestones in cybersecurity research and development. The company’s dedicated team has made substantial contributions to the field, particularly in post-quantum cryptography (PQC). In 2024 alone, SandboxAQ has published 18 peer-reviewed papers, bringing the total number of cybersecurity publications since its spin-off from Alphabet in 2022 to 45.…
-
How NCS is tackling the enterprise IT market
by
in SecurityNewsThe technology service provider is counting on its government experience, global expert network and cyber security capabilities to penetrate the enterprise IT market First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617068/How-NCS-is-tackling-the-enterprise-IT-market
-
Arctic Wolf to Buy Cylance for $160M to Boost AI-Driven XDR
by
in SecurityNewsDeal With BlackBerry Integrates EDR for Hybrid XDR Platform for Midmarket Customers. Arctic Wolf is acquiring Cylance from BlackBerry for $160 million to integrate its AI-driven EDR technology into a hybrid XDR tool. The move aims to streamline cybersecurity for midmarket companies by combining services with product offerings, cutting operational complexity and boosting scalability. First…
-
Arctic Wolf acquires Cylance from BlackBerry for $160 million
by
in SecurityNews
Tags: technologyThe once-prominent technology firm bought Cylance for $1.4 billion in 2018. First seen on cyberscoop.com Jump to article: cyberscoop.com/arctic-wolf-cylance-blackberry-acquisition/
-
More limited US-China technology deal signed
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/more-limited-us-china-technology-deal-signed
-
XDR provider Arctic Wolf buys BlackBerry’s Cylance suite
by
in SecurityNews
Tags: ai, business, ceo, ciso, cybersecurity, detection, edr, endpoint, government, infrastructure, office, phone, risk, service, soc, technologyUS provider Arctic Wolf has struck a deal to buy BlackBerry’s Cylance endpoint security suite, which it will integrate into its Aurora extended detection and response (XDR) platform.Arctic Wolf said this morning that if the deal is approved by regulators, the company will be able to offer one of the largest open XDR security platforms…
-
Catching the ghost in the machine: Adapting threat detection to cloud speed
by
in SecurityNewsThe rapid adoption of cloud technology has transformed how businesses operate, offering scalability, agility, and opportunities for innovation. However, this transformation has also introduced a profound challenge: the “ghost in the machine””, elusive and dynamic threats that exploit the complexity and scale of cloud environments to remain hidden, evading traditional detection methods and posing significant…
-
Interview mit IBM Was ist der Unterschied zwischen Monitoring und Observability?
by
in SecurityNewsIn der IT-Welt wird Monitoring und Observability häufig synonym verwendet. Allerdings gibt es gravierende Unterschiede und selbst bei der Observability gibt es unterschiedliche Ausrichtungen. Netzpalaver sprach via Remote-Session mit Georg Ember, Senior IT Architect and Brand Technical Specialist, AIOPs and Automation, IBM Technology, DACH, darüber welche Unterschiede es beim Monitoring und Observability gibt, deren Einsatzgebiete…
-
Serbian government cracked phones with Cellebrite to install spyware, report says
by
in SecurityNewsAmnesty International said it found examples of Serbian police using Cellebrite phone-cracking technology to unlock devices and embed spyware on them while people were talking to authorities.]]> First seen on therecord.media Jump to article: therecord.media/serbia-report-amnesty-international-cellebrite-spyware
-
Security leaders top 10 takeaways for 2024
by
in SecurityNews
Tags: access, ai, attack, automation, best-practice, breach, business, ciso, cloud, compliance, corporate, crowdstrike, cybercrime, cybersecurity, data, deep-fake, detection, email, finance, fraud, governance, group, guide, hacker, identity, incident response, infosec, ISO-27001, office, okta, phishing, privacy, programming, regulation, risk, risk-management, saas, security-incident, service, software, startup, strategy, technology, threat, tool, training, vulnerabilityThis year has been challenging for CISOs, with a growing burden of responsibility, the push to make cybersecurity a business enabler, the threat of legal liability for security incidents, and an expanding attack landscape.As the year comes to a close, CISOs reflect on some of the takeaways that have shaped the security landscape in 2024.…
-
The Hidden Risks of Mobile Calls and Messages: Why EndEnd Encryption is Just the Starting Line
by
in SecurityNews
Tags: access, android, breach, business, communications, control, cybercrime, cybersecurity, data, encryption, endpoint, espionage, government, identity, intelligence, mobile, network, risk, service, startup, technology, threat, tool, update, vulnerabilityThe recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks. Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information. Some of the biggest risks concerning these…
-
Platforms are the Problem
by
in SecurityNews
Tags: ai, breach, business, chatgpt, cloud, cyber, cybercrime, cybersecurity, data, defense, detection, finance, firewall, fraud, infrastructure, intelligence, LLM, network, saas, service, technology, threat, toolA better path forward for cybersecurity Why is it that cybersecurity is struggling to keep pace with the rapidly evolving threat landscape? We spend more and more, tighten our perimeters, and still there are trillions of dollars being lost to cybercrime and cyber attacks. Setting aside the direct costs to individuals and businesses, and the…
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
by
in SecurityNews
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats
by
in SecurityNewsThe new agreement has a narrower scope and additional safeguards to minimize the risk to national security. The post US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-updates-a-science-and-technology-pact-with-china-to-reflect-growing-rivalry-and-security-threats/
-
Ransomware in the Global Healthcare Industry”¯
by
in SecurityNewsHealthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyberattacks with severe consequences.”¯”¯ “¯ First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/ransomware-in-the-global-healthcare-industry/
-
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
by
in SecurityNewsIran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States.The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers,…
-
How to turn around a toxic cybersecurity culture
by
in SecurityNews
Tags: access, advisory, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, governance, group, guide, healthcare, jobs, password, phishing, risk, sans, service, strategy, technology, threat, training, vulnerability, zero-trustA toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk.In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They don’t…
-
Microsoft Windows ‘Best Fit’ character conversion ‘ripe for exploitation’
by
in SecurityNews
Tags: api, application-security, attack, cve, exploit, flaw, injection, malicious, microsoft, mitigation, office, programming, software, switch, technology, tool, vulnerability, windowsSecurity researchers have outlined a novel attack vector that exploits the “Best Fit” character conversion technology built into Windows.The technology comes into play in string conversions, particularly when characters cannot be directly represented in a target character set.However, application security experts Orange Tsai and Splitline Huang from Taiwanese firm DEVCORE used a presentation at Black…
-
US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
by
in SecurityNewsSUMMARY The United States has taken strong action against a Chinese cybersecurity company, Sichuan Silence Information Technology, for… First seen on hackread.com Jump to article: hackread.com/us-sanctions-chinese-cybersecurityfirm-firewall-ransomware/
-
KeyTrap DNSSEC: The day the internet (almost) stood still
by
in SecurityNews
Tags: attack, cyberattack, cybersecurity, data, dns, email, exploit, germany, google, Internet, mitigation, service, software, technology, vulnerabilityA severe vulnerability in the internet lookup protocol DNSSEC carried the potential to make much of the web functionally inaccessible for many, according to a presentation at Black Hat Europe.DNSSEC (Domain Name System Security Extensions) offers mitigation against various types of cyberattacks, including DNS spoofing and cache poisoning, by providing a way to cryptographically authenticate…
-
How AI agents are the next wave of generative technology
by
in SecurityNewsAs agentic technology grows more popular, some are optimistic about what appears to be the next phase of AI. However, there are concerns about the tasks agents are doing. First seen on techtarget.com Jump to article: www.techtarget.com/searchenterpriseai/news/366617158/How-AI-agents-are-the-next-wave-of-generative-technology
-
Why did China hack the world’s phone networks?
by
in SecurityNews
Tags: access, breach, china, communications, cyberattack, cybercrime, cybersecurity, government, group, hacker, Internet, microsoft, network, phone, service, technologySalt Typhoon breached dozens of telecoms around the world<ul><li><a href=”https://www.theguardian.com/info/2022/sep/20/sign-up-for-the-techscape-newsletter-our-free-technology-email”>Don’t get TechScape delivered to your inbox? Sign up here</li></ul>Chinese hackers <a href=”https://www.theguardian.com/technology/2024/dec/04/chinese-hackers-american-cell-phones”>have breached dozens of telecommunications companies around the world. The breach, christened Salt Typhoon by Microsoft cybersecurity researchers, has afforded the cybercriminals unprecedented access not only to information on who has been texting or…
-
New Chinese Surveillance Tool Attack Android Users Since 2017
by
in SecurityNewsWuhan Chinasoft Token Information Technology Co., Ltd. developed EagleMsgSpy, a surveillance tool operational since 2017, which, installed as an APK, secretly collects extensive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity. Because the data is sent to a command-and-control server, there is a possibility that it could…