Security News

As browser-makers move to defang third-party cookies, marketers are increasingly switching to alternative tracking techniques. In 2019, Firefox was equipped with Enhanced Tracking Protection by default, blocking known trackers, third-party tracking cookies and cryptomining scripts.

Boffins based in Belgium have found that a DNS-based technique for bypassing defenses against online tracking has become increasingly common and represents a growing threat to both privacy and security. In a research paper to be presented in July at the 21st Privacy Enhancing Technologies Symposium, KU Leuven-affiliated researchers Yana Dimova, Gunes Acar, Wouter Joosen, and Tom Van Goethem, and privacy consultant Lukasz Olejnik, delve into increasing adoption of CNAME-based tracking, which abuses DNS records to erase the distinction between first-party and third-party contexts.

Sequitur Labs announced new packages for the EmSPARK Security Suite that allows manufacturers to secure embedded designs for industrial, consumer, smart home and health care applications quickly and painlessly. The EmSPARK Security Suite Base package provides essential security defenses for IoT applications in a turnkey solution that is easy to install, integrate and manage.

CyberSheath launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.

Chaos engineering is a way for security teams to replace continuous firefighting with continuous learning, according to two industry experts. At the RSA 365 Virtual Summit this week, Aaron Rinehart, CTO and co-founder Verica, and Jamie Dicken, manager of applied security at Cardinal Health, explained how this approach to IT security works.

Bringing more than 36 years of Department of Defense and Intelligence Community cybersecurity experience, Heckman will partner with clients to deliver cyber resilience for DoD policy, strategy, IT and weapon system cybersecurity. His focus encompasses all aspects of cyber and secure information sharing, ranging from innovative approaches to cyber strategy, policy, security architecture and engineering, to initiatives such as controls for IT modernization, Risk Management Framework transformation, identity and access management evolution and data protection.

Owl Cyber Defense Solutions announced the acquisition of the Trident Assured Collaboration Systems product line. The acquisition gives Owl a broader range of certified network perimeter defense solutions than any competitor in the market.

The onset of 5G - which introduces new network architectures, services and devices - raises the stakes and increases the challenge for network operators. The European Union is one such organization taking the lead. It has analyzed numerous risk scenarios and has come up with a toolbox that outlines nine mitigating measures and supporting actions that member states and network operators can leverage to defend themselves.

In the Department of Defense the display reinvigorated interest in counter-swarm tactics research, for drones and swarming tactics can have applications in all warfighting domains. It enables Kaminer's group to establish a multi-university, multi-year effort to develop an operational planning simulation for defense against an attacking drone swarm.

Security defense strategy can be extremely complex, with security teams grappling with tens of thousands of information points and evolving attacker techniques, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs. FortiGuard Labs has created threat playbooks to help companies deal with this complexity, by exposing attack techniques utilized by attackers.