Security News > 2021 > July

Profitability plays an important role for a flexible work model. When considering why employers are permanently moving to a more flexible work model, profitability plays an important role.

This means that application security has moved beyond its "Doorman" status of asking "Who's allowed in?" Nowadays, application security should assume that users are already inside the application and focus on asking, "What do we allow them to do?", "What's the expected usage?" and "How do we stop undesirable behavior?". According to Rob Cuddy, the Global Application Security Evangelist at HCL, the fundamental shift enterprises must make in their approach to application security is that securing the application perimeter from external penetration simply doesn't make sense in the era of APIs.

Documents and emails tagged as sensitive through Microsoft's sensitivity labels are automatically protected with persistent, granular usage policies based on the sensitivity level selected. "Classified data is a target as sensitive labels alert nefarious insiders and outsiders to confidential and regulated information such as PII," stated Vishal Gupta, CEO of Seclore.

Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies. "In the second case, the defendants are a group of individuals located in Vietnam who got users to self-compromise their Facebook accounts and ran millions of dollars of unauthorized ads."

Mitek introduced Check Fraud Defender, an artificial intelligence-powered, cloud-hosted consortium for financial institutions to counteract check fraud. An important addition to a financial institution's fraud-fighting protocols, Check Fraud Defender helps protect against the growing sophistication of check fraud attacks.

ISARA launched ISARA Advance Crypto Agility Suite, an enterprise solution that allows organizations to discover their cryptographic blind spots and equip them to take action against the looming threat of encryption-breaking quantum computers. Revealing what lurks within organizations' information security infrastructures forms the foundation of cryptographic agility and risk management.

CloudLinux announced as part of its TuxCare security services the launch of QEMUCare Live Patching Service for Linux systems running as virtualization hosts through QEMU, the open source emulator and hardware virtualization platform. "Patching virtualization host systems is a challenge faced by IT security and operations teams because of the impact on performance and availability for the virtual machines running on those systems," said Jim Jackson, president and chief revenue officer, CloudLinux.

Simple tech investments like these, Tebow notes, can be an easy, effective way to end a ransomware attack before it starts. While using modern solutions to defeat modern threats is critical, upgraded defenses alone are not enough in a world where ransomware is considered an inevitability by experts.

RtBrick has announced a new Management API for its disaggregated routing software that simplifies the integration with existing OSS and BSS systems. Analysis Mason has recognized OSS and BSS integration as one of the major industry barriers to adopting network disaggregation, for example.

Continuing its commitment to providing these options, HID Global announced the implementation of the latest MIFARE DESFire EV3 credential. "Our credential based on NXP MIFARE DESFire EV3 delivers this technology's full range of advanced security and privacy capabilities and reinforces them with HID's powerful model for identity data protection," said Harm Radstaak, Senior Vice President and Head of Physical Access Control Solutions with HID Global.