Security News

Week in review: SMBGhost exploit, OneDrive security, PCI compliance misconceptions
2020-06-14 13:45

Organizations are creating the perfect storm by not implementing security basicsEuropean organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales. Average cost of DNS attacks hovering around $924,00079% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. PoC RCE exploit for SMBGhost Windows flaw releasedA security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.

Abacode partners with Apptega to deliver cybersecurity management and compliance software
2020-06-11 23:30

Abacode announced a collaboration with Atlanta-based Apptega, a leader in cybersecurity management software. "Abacode continues to innovate and partner with great technology companies," said Greg Chevalier, SVP Partners and Sales Strategy for Abacode.

3 common misconceptions about PCI compliance
2020-06-10 05:30

Not only am I responsible for all of the ongoing compliance and yearly assessments, but I also have to interpret the PCI DSS scriptures on how PCI affects products, initiatives, and platform decisions. I'm honestly surprised that so many vendors operating in areas that impact PCI compliance have virtually no clue about how their products affect or are affected by PCI. After all, there's no excuse to be clueless.

Crypto.com hires Antonio Alvarez as Chief Compliance Officer
2020-06-07 22:45

Crypto.com announced the appointment of Antonio Alvarez as Chief Compliance Officer. Antonio will be responsible for leading worldwide regulatory compliance across Crypto.com's entire product ecosystem.

Kudelski Security enables Microsoft clients to simplify their security and compliance strategy
2020-06-05 02:30

Kudelski Security, the cybersecurity division within the Kudelski Group, announced the launch of its dedicated Microsoft Security services, enabling clients to effectively consume and configure Microsoft security capabilities and add additional monitoring to their Microsoft 365 and Azure environments. In addition to providing a dedicated Microsoft focus, Kudelski Security offers clients a combination of proprietary, native cloud security monitoring capabilities as well as teams of experienced engineers to help deploy, operate, and maintain comprehensive cybersecurity programs.

Tasks associated with SOX compliance continue to be significant
2020-06-03 03:30

The longstanding challenges associated with compliance with the Sarbanes-Oxley Act, such as the cost of compliance and reliance on time-consuming manual tasks, are being exacerbated by the COVID-19 pandemic, as finance and audit teams are required to perform audit tasks remotely. "The tasks associated with SOX compliance continue to be significant and time-consuming," said Brian Christensen, executive vice president and global leader of Protiviti's internal audit and financial advisory practice.

Smarsh Adds Cybersecurity and Compliance to Archiving with Acquisition of Entreda
2020-05-21 12:46

Information archiving firm Smarsh has acquired cybersecurity and compliance firm Entreda. The acquisition adds Entreda's 300 clients from the enterprise wealth management market to Smarsh's 6,000 financial services clients, while bringing new cybersecurity expertise to the secure collection, storage and management of enterprise data.

Verint integrates recording and compliance with Microsoft Teams calling and meeting experience
2020-05-21 00:00

Verint Systems, The Customer Engagement Company, announced the availability of its new Microsoft Teams recording integration which helps businesses across industries centrally capture, retain, analyze, and retrieve all communications from Microsoft Teams calling and meeting scenarios - including voice calling, chat, online meetings, screen sharing and more. Verint has engaged with hundreds of Microsoft customer organizations worldwide for the last decade - to provide sophisticated compliance capabilities for the entire range of Microsoft unified communications while supporting the leading UC, trading turret, mobile, and IP telephony platforms in the market.

Eye-opening statistics about open source security, license compliance, and code quality risk
2020-05-14 04:30

99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. The most concerning trend in this year's analysis is the mounting security risk posed by unmanaged open source, with 75% of audited codebases containing open source components with known security vulnerabilities, up from 60% the previous year.

Cybersecurity and compliance: Vital priorities for MSPs and their clients
2020-05-13 04:00

Cybersecurity and, to a lesser but growing extent, compliance are the most pressing priorities for MSPs and their customers this year, according to a Kaseya survey of 1,300 owners and technicians of MSP firms in more than 50 countries. "As more small and midsize businesses look to maintain vital security operations and decrease IT costs internally ahead of an economic downturn, they will lean on the expertise and services provided by MSPs to keep their companies operating."