Opinions & Analysis

A Global Look at the Data Privacy Landscape

Data privacy is at the center of core issues that governments are trying to solve this year. Privacy advocates have been requesting more stringent privacy laws and governments have responded. The European Union’s General Data Protection Regulation (GDPR) has served as an effective blueprint for new privacy laws. This year, we are seeing new privacy laws come into effect, such as Brazil’s LGPD, the United States’s CCPA, and more. Under GDPR, there have been over...

Read more
DevOps

DevOps culture makes things happen faster. Faster delivery, faster testing, faster release. On one hand, it adds control over what is going on in the infrastructure. You can recover faster. You can redeploy your compromised app components. You can roll back to the previous build. On the other hand, fast changes mean fast decisions. Some security vulnerabilities can pass through automatic testing. Some DevOps tools may be compromised also. We experienced a security issue when...

Read more
robotic arm

By John Conwell, data scientist at DomainTools   The security industry is in constant flux. As attackers move the goal posts in order to further their own nefarious aims, the security industry scrambles to keep up. As we approach the beginning of a brand-new year, and a brand-new decade, I have outlined some areas where I believe we will see security threats developing into 2020 and beyond.   DeepFake-Driven Phishing:   DeepFake Driven Phishing: DeepFake is a...

Read more
DeLorean - Back to the future

Tim Mackey, Principal Security Strategist for the Synopsys CyRC (Cybersecurity Research Centre): Politicians, be weary of digital assistants Cyber-attacks on 2020 candidates will become more brazen. While attacks on campaign websites have already occurred in past election cycles, targeted attacks on a candidate’s digital identity and personal devices will mount. With digital assistants operating in an “always listening” mode, an embarrassing “live mic” recording of a public figure will emerge. This recording may not be...

Read more
Password Security

What if I told you that 1.5% of publicly leaked passwords were still being used to sign in to Microsoft accounts? It doesn’t sound like much, but it actually equates to 44 million users still using leaked passwords for their Microsoft accounts. This is what the Microsoft research team found when it performed a scan of its user and Azure AD accounts versus the three billion publicly leaked credentials for the first quarter of the...

Read more
2020 predictions

2019 has been the year of the data breach with over 10 billion records estimated to have been leaked. The news headlines have been flooded with unfortunate attacks with enterprises on both sides of the Atlantic suffering. Whether it’s ransomware, phishing or endpoint attacks, there’s always something on the horizon waiting for its turn in the spotlight. Yet, with 2020 now on our doorstep, cyber security professionals are concerned with what new threat vectors may...

Read more
Jeremy Corbyn

This week, the Labour Party reported a "sophisticated, large scale cyber attack" hitting its digital platforms. What is believed to have been a Distributed Denial of Service attack was blocked by the party's cybersecurity systems. The Labour Party reported the attack to the National Cyber Security Centre, and the party leader, Jeremy Corbyn, admitted to the Independent that the event made him "very nervous" about the upcoming elections. Here's what cybersecurity experts had to say...

Read more
Anatomy of an Advanced Persistent Threat

By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant.   The typical APT involves several phases:   Infiltration/Initial compromise:  This...

Read more
I think therefore IAM

“I think therefore I am.” - René Descartes This isn’t just a pompous philosophical proposition of autonomy, instead it is a timely piece of advice for ensuring corporate cybersecurity. Descartes really was ahead of his time! Identity and access management (IAM) plays an important part in securing your IT infrastructure by mitigating risk from both external cyberattack, and internal threat. Any company that thinks seriously about protecting sensitive information about their employees or customers should...

Read more
Cyber security tools protection

Written by John Czupak, CEO, ThreatQuotient There’s something big brewing in the world of security operations, but what exactly is it? We are regularly inundated with various descriptions of useful tools and capabilities (think Security Orchestration, Automation and Response (SOAR), Threat Intelligence Platforms (TIPs), Security Incident Response (SIR), Hunting and more). Unfortunately, many of us are equally confused about the fundamental capabilities of these technologies, and more pointedly, what problems they aim to solve. Perhaps...

Read more
Page 1 of 39 1 2 39