Security News

New infosec products of the week: June 18, 2021
2021-06-18 06:00

Deepwatch MOBILE gives cybersecurity experts real-time visibility into their SOC. deepwatch MOBILE provides customers real-time insight into their Security Operations Center and timely threat intelligence delivered to their mobile phone. ShiftLeft allows users to validate the accuracy of ShiftLeft CORE using OWASP Benchmark.

New infosec products of the week: June 11, 2021
2021-06-11 06:00

Expel for Microsoft automates security operations across the Microsoft tech stack. Expel for Microsoft automates security operations across the Microsoft tech stack, including Active Directory, AD Identity Protection, Azure, MCAS, Microsoft Defender for Endpoint, Office 365 and Sentinel.

We're right behind Computer Misuse Act reforms for busting ransomware gangs, says UK infosec industry
2021-06-07 11:30

British infosec businessees mostly support beefing up the Computer Misuse Act to directly tackle the ransomware crisis - while reform campaign CyberUp has written to Home Secretary Priti Patel offering "Support" for "a renewed, forward looking framework". A number of firms that spoke to The Register expressed firm support for changes to the act that make it easier for law enforcement to pursue and convict ransomware extortionists.

Military infosec SNAFUs: What WhatsApp and bears in the woods can teach us
2021-06-07 08:32

Fans of John le Carré's Tinker Tailor Soldier Spy know how top military secrets are extracted from the enemy. If head KGB spy Karla wanted to learn intricate details of the British military today, he'd just have to check WhatsApp.

New infosec products of the week: May 28, 2021
2021-05-28 06:00

NetWitness Cloud SIEM delivers cloud-based threat detection and response. Imperva Data Privacy protects and reports on personal data across all data assets.

Debunking infosec purity and other security myths in the wake of recent attacks
2021-05-27 20:25

The security team at Forrester busts a number of security myths. Recently, an op-ed sent information security Twitter into a tizzy by blaming cybersecurity industry best practices for recent high-profile security breaches.

Fujitsu pulls ProjectWEB tool offline after apparent supply chain attack sees Japanese infosec agency data stolen
2021-05-27 12:29

A Fujitsu project management suite is causing red faces at the Japanese company's HQ after "Unauthorised access" resulted in data being stolen from government agencies, local reports say. The firm's ProjectWEB tool was reportedly accessed by an unidentified "Third party" who helped themself to data from, among others, Japan's Ministry of Foreign Affairs, its Cabinet Office Cyber Security Centre and the Ministry of Land.

Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign
2021-05-26 09:17

Businesses operating in the word of infosec have been urged to write to the Home Office and support a public interest defence being added to the Computer Misuse Act. On a TechUK-organised call to discuss industry's response to the review of the act, British and overseas companies operating in the UK were urged by both the industry body and the Cyberup campaign to tell UK.gov what they think the law ought to say.

vCISO Clinic helps resource-constrained InfoSec leaders
2021-05-24 02:30

Where does the tip of the spear turn to for a helping hand? One popular avenue is to turn to a virtual CISO, an external consultant who can offer strategic advice, suggestions, and help find insights that can be instrumental in building better security systems. With that in mind, Chris Roberts, Cynet's chief security strategist is offering a new program to give InfoSec leaders a new avenue for support, advice, and valuable insights.

New infosec products of the week: May 21, 2021
2021-05-21 06:00

Designed to support modern security organizations increasingly delegating malware analysis to specific security operations or development security operations experts, the ReversingLabs Malware Lab solution equips these teams with a unified threat analysis engine and console to rapidly detect, classify, analyze, and respond to malicious files and associated Indicators of Compromise. Qualys CyberSecurity Asset Management brings security teams the automation they need.