Security News

New infosec products of the week: October 22, 2021
2021-10-22 06:00

ThreatConnect launches Risk Quantifier 6.0 to bring cyber risk quantification for businesses. ThreatConnect Risk Quantifier enables companies to see the financial risks they face from cyber attacks and also prioritize investments that provide ROI. RQ's calculations are informed by your internal environment, threat intelligence, vulnerability management, operations and response data found within ThreatConnect and other integrations.

Crims target telcos' Linux and Solaris boxes, which don't get enough infosec love
2021-10-20 05:40

Security vendor CrowdStrike claims it's spotted the group and that it "Has been consistently targeting the telecommunications sector at a global scale since at least 2016 to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata." The gang appears to understand telco operations well enough to surf the carrier-to-carrier links that enable mobile roaming, across borders and between carriers, to spread its payloads. "Whatever the group is called, the pair write that it"employs significant operational security measures, primarily establishing implants across Linux and Solaris servers, with a particular focus on specific telecommunications systems, and only interacting with Windows systems as needed.

New infosec products of the week: October 15, 2021
2021-10-15 05:40

Here's a look at the most interesting product releases from the past week, featuring releases from Aqua Security, AT&T, Datto, Huntress and ReliaQuest. ReliaQuest releases two capabilities within its XDR platform to improve security operation efficacies.

Incident Response: 5 Principles to Boost the Infosec/Legal Relationship
2021-10-11 12:00

Around half of organizations polled for Kroll's The State of Incident Response 2021 report said that their teams lack clarity around when to engage legal counsel about a potential incident. The multi-layered nature of incident response demands input from resources across an organization, particularly legal.

New infosec products of the week: October 8, 2021
2021-10-08 05:30

Here's a look at the most interesting product releases from the past week, featuring releases from Abnormal Security, Pradeo, Qualys, Semperis and Swimlane. Pradeo's mobile application security suite extends its coverage with new app shielding service.

Cyber Security WEBINAR — How to Ace Your InfoSec Board Deck
2021-10-06 23:30

On the one hand, security leaders and CISOs must be able to communicate strategies clearly - instructions, incident response plans, and security policies. More so than just talking about the dollar value of a security policy security leaders need to show the importance of processes, tasks, decisions, and how threats and other security risks impact the math.

Infosec products of the month: September 2021
2021-10-04 04:30

Absolute DataExplorer enables IT and security teams to capture critical endpoint data. The Absolute DataExplorer tool enables administrators to answer key questions about their employees' endpoints with the ability to expand data capture and reporting beyond what is typically available through standard device and security management tools, without requiring professional services or advanced coding skills.

New infosec products of the week: October 1, 2021
2021-10-01 06:00

Elastic announced expanded Limitless Extended Detection and Response capabilities across the Elastic Security solution in its 7.15 release, including new layers of prevention for Windows, macOS and Linux, and host isolation for cloud-native Linux environments. Cloudflare announces free email offerings to prevent phishing and increase security.

Ransomware crim: Yeah, what I do is bad. No, I don't care. Yes, infosec bods are all mouth and no trousers
2021-09-30 19:00

Someone claiming to be a former contractor for the REvil ransomware gang has given an interview to a security firm, saying he struggles to sleep at night but isn't ashamed of what he does. "In the normal world, I was called a contractor - doing some tasks for many ransomware collectives that journalists consider to be famous," said the threat actor, using the handle Antivirus.

Give put-upon infosec bods professional recognition to keep them working for you, says chartered institute
2021-09-29 10:00

As the UK infosec industry prepares for government initiatives intended to expand the sector, how should existing companies keep skilled professionals from jumping ship? Amanda Finch, CEO of the Chartered Institute of Information Security, tells us a thing or two about what she thinks works. "People tend to stay in roles if they are being developed," Finch tells The Register just after the institute's annual conference.