Security News

A holistic approach to vulnerability management solidifies cyberdefenses
2021-10-07 18:46

Vulnerability scanners are not enough, according to an expert who champions an all-encompassing holistic approach to vulnerability management as a means to eliminate surprises. If that's not bad enough, there is confusion surrounding managing vulnerabilities, with most organizations depending on vulnerability scanners and some kind of policy as to when to update or patch the software/hardware.

Winning the Cyber-Defense Race: Understand the Finish Line
2021-08-27 20:16

Thus, security teams often place focus on the race itself and forget about the actual goal or finish line. For example: "Our mission is to continuously improve the organization's security posture by preventing, detecting, analyzing and responding to cybersecurity incidents." It is missing the finish line.

Department of Energy expands its CyberForce program to include more cyber defense events
2021-07-24 22:15

The U.S. Department of Energy CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. In 2021, students have many more opportunities to learn about cybersecurity topics and compete within the CyberForce program.

Owl Cyber Defense opens new regional office in Abu Dhabi
2021-07-14 22:10

Owl Cyber Defense Solutions announced the opening of its new regional office, located in Abu Dhabi. The new office, hosted and sponsored by Al Makamin Commercial Projects LLC, part of Sultan International Holding, LLC -, will house Owl's in-region field staff that support the company's growing customer base of oil and gas, petrochemical, power generation, transmission and distribution, nuclear, renewable energy and water/wastewater operators; along with serving government agencies.

Accenture acquires Sentor to enhance its cyber defense services in Sweden
2021-06-29 23:00

Accenture has acquired Sentor, a Sweden-based independent provider of cyber defense and managed security services. The company's portfolio includes advisory services, security testing, managed detection and incident-response capabilities, powered by a 24/7/365 security operations center in Stockholm.

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
2021-06-23 15:39

A critical security bug in Palo Alto Networks' Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug is an improper-authorization vulnerability that "Enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API," according to the security vendor's Tuesday advisory.

Are your cyber defenses stuck in the sandbox?
2021-06-14 04:30

As more businesses move their critical data and cybersecurity defenses to the cloud and the volume of network traffic increases substantially, enterprise cybersecurity teams are rethinking their use of sandbox environments. It's becoming increasingly easier to avoid the sandbox as enterprises generally direct only a sampling of their traffic to the sandbox.

US Pipelines Ordered to Increase Cyber Defenses After Hack
2021-05-27 14:24

U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. The Transportation Security Administration directive being issued Thursday will also mandate that the owners and operators of the nation's pipelines report any cyber incidents to the federal government and have a cybersecurity coordinator available at all times to work with authorities in the event of an attack like the one that shut down Colonial Pipeline.

Biden Signs Order to Beef Up Federal Cyber Defenses
2021-05-13 00:12

President Joe Biden signed an executive order Wednesday meant to strengthen U.S. cybersecurity defenses in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country's public and private sectors are to high-tech spies and criminals operating from half a world away. The order will require all federal agencies to use basic cybersecurity measures, like multi-factor authentication, and require new security standards for software makers that contract with the federal government.

Inside The UK's Active Cyber Defense Program
2021-05-12 15:45

UK's National Cyber Security Centre highlights the success of its Active Cyber Defence program. The UK's National Cyber Security Center Active Cyber Defense program is an ambitious project designed to improve the security posture of an entire nation.