Security News

Rapid7 says Computer Misuse Act should include 'good faith' infosec research exemption
2021-09-03 15:16

Infosec firm Rapid7 has joined the chorus of voices urging reform to the UK's Computer Misuse Act, publishing its detailed proposals intended to change the cobwebby old law for the better. "It's worth noting that neither the National Crime Agency or the CPS seem to be recklessly pursuing frivolous investigations or prosecutions of good-faith security research. Nonetheless, the current legal language does expose researchers to legal risk and uncertainty, and it would be good to see some clarity on the topic," said Rapid7 in a blog post published over the sleepy summer period.

New infosec products of the week: September 3, 2021
2021-09-03 06:00

Absolute DataExplorer enables IT and security teams to capture critical endpoint data. Anomali XDR features extend visibility over a wider range of threat information sources.

Slap on wrist for NCC Group over CREST exam-cheating scandal as infosec org agrees to rewrite NDAs and more
2021-08-27 15:55

British infosec firm NCC Group has been rapped over the knuckles after infosec accreditation body CREST found it was "Vicariously responsible" for employees who helped staff cheat certification exams. "On two occasions between 2012 and 2014, the examination-related activities of one of more NCC Group employees and candidates breached the CREST Code of Conduct and NCC Group was, as their employer, vicariously responsible for those individuals at the time," said CREST. The certification body added that NCC Group's actions also breached its non-disclosure agreements, signed by exam candidates to confirm they won't reveal the exams' contents to anyone.

New infosec products of the week: August 27, 2021
2021-08-27 06:00

Here's a look at the most interesting product releases from the past week, featuring releases from ARMO, Palo Alto Networks, Guardicore, Radiflow and Ermetic. Palo Alto Networks Cortex XDR 3.0 automates threat detection and investigation across cloud environments.

New infosec products of the week: August 20, 2021
2021-08-20 05:30

The FireEye XDR platform provides native security protections for endpoint, network, email, and cloud with a focus on improving organizations' capabilities for controlling incidents from detection to response. SailPoint Workflows enables customers to automate security tasks with no coding required.

China stops networked vehicle data going offshore under new infosec rules
2021-08-13 06:58

China has drafted new rules required of its autonomous and networked vehicle builders. Data security is front and centre in the rules, with manufacturers required to store data generated by cars - and describing their drivers - within China.

New infosec products of the week: August 13, 2021
2021-08-13 05:45

NETGEAR Armor offers enhanced security and threat detection for the smart connected home. Unlike traditional endpoint antivirus products, NETGEAR Armor is built into the router to monitor activity going to and from the internet, protecting the devices on your network and eliminating the need and cost for multiple security subscriptions or software.

New infosec products of the week: August 6, 2021
2021-08-06 06:20

Here's a look at the most interesting product releases from the past week, featuring releases from McAfee, AppOmni, Satori, SentinelOne, and Optiv Security. The AppOmni SaaS Security Management platform, which offers a full suite of SaaS security posture, protection, and monitoring capabilities, covers the most widely adopted and business-critical SaaS applications on the market including Salesforce, ServiceNow, Microsoft 365, Microsoft Teams, GitHub, Workday, Box, Slack, and Zoom.

SolarWinds urges US judge to toss out crap infosec sueball: We got pwned by actual Russia, give us a break
2021-08-04 15:34

SolarWinds is urging a US federal judge to throw out a lawsuit brought against it by aggrieved shareholders who say they were misled about its security posture in advance of the infamous Russian attack on the business. Financial newswire Reuters reported that the suit was originally filed over allegations that former SolarWinds chief exec Kevin Thompson cut cybersecurity efforts in the hope of driving greater dividends into the pockets of major investors, Silver Lake and Thoma Bravo, who each reportedly held around 40 per cent of SolarWinds' stocks at the time.

New infosec products of the week: July 30, 2021
2021-07-30 06:30

Here's a look at the most interesting product releases from the past week, featuring releases from Ivanti, Stellar Cyber, SpecterOps, Aqua Security, Infinipoint, Acronis, and Neustar. Stellar Cyber announced a major leap to boost security analyst efficiency to identify attacks earlier.