Security News

US and EU infosec authorities pen intel-sharing pact
2023-12-07 18:28

As Cyber Solidarity Act edges closer to full adoption in Europe The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase...

Infosec products of the month: November 2023
2023-11-30 03:45

Aqua Trivy open-source security scanner now finds Kubernetes security risks. Lacework code security helps prevent security issues from getting into the wild by identifying them before code is deployed, and helps prioritize and fix issues faster, wherever they are found in the application lifecycle.

Former infosec COO pleads guilty to attacking hospitals to drum up business
2023-11-20 17:15

An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches. Under a plea deal he signed last week, Vikas Singla, a former business leader at network security vendor Securolytics - a provider to healthcare institutions, among others - admitted that in September 2018 he rendered the Ascom phone system of Gwinnett Medical Center inoperable.

Royal Mail cybersecurity still a bit of a mess, infosec bods claim
2023-11-13 06:31

Infosec in brief After spending almost a year cleaning up after various security snafus, the UK's Royal Mail had an open redirect flaw on one of its sites, according to infosec types. Open redirects essentially allow attackers to use a legitimate website or a web application - in this case, a Royal Mail website - to redirect users to a malicious website by manipulating the URL. It occurs when the application doesn't validate user input, so miscreants can manipulate it as they please.

Infosec pros can secure IT, but have harder time securing job satisfaction
2023-11-02 18:00

The proportion of cybersecurity professionals reporting low "Happiness ratings" has risen sharply over the last 12 months, raising concerns about increasing burnout rates in the industry. The data indicated overall workplace happiness is falling across the board, with both medium and high-satisfaction ratings dropping and "Low satisfaction" ratings the only bracket that grew, increasing by more than five percent.

Infosec products of the month: October 2023
2023-11-01 03:30

Nutanix announced new features in the Nutanix Cloud Platform to strengthen organizations' cyber resilience against ransomware attacks on unstructured data. These new features, available in Nutanix Data Lens and Nutanix Unified Storage solutions, enable organizations to detect a threat, defend from further damage and begin a 1-click recovery process within 20 minutes of exposure.

Microsoft opens early access to AI assistant for infosec, Security Copilot
2023-10-23 13:00

Copilotization of all things continues... as helper offers incident reports to share with the boss and more Microsoft is opening up the early access program for its flagship cybersecurity AI...

Ransomware attacks register record speeds thanks to success of infosec industry
2023-10-10 08:30

The time taken by cyber attackers between gaining an initial foothold in a victim's environment and deploying ransomware has fallen to 24 hours, according to a study. In nearly two-thirds of cases analysed by Secureworks' researchers, cybercriminals were deploying ransomware within a day, and in more than 10 percent of incidents it was deployed within five hours.

Infosec products of the month: September 2023
2023-10-02 02:30

Ciphertex strengthens data security with SecureNAS CX-160KSSD-X. The SecureNAS CX-160KSSD-X storage unit is powered by an Intel Xeon D processor and supports up to sixteen hot-swappable 2.5″ SSDs and two internal 2.5″ SSDs and can store up to 490TB, while improving security and endurance. Librem 11 tablet sets new standard for privacy and security with Linux-based PureOS. Purism introduced the new Librem 11 tablet running secure PureBoot and Linux kernel-based PureOS. Librem 11 is made for individuals, organizations, government agencies, law enforcement agencies, and businesses that need security and privacy with powerful portability.

Russian infosec boss gets nine years for $100M insider-trading caper using stolen data
2023-09-08 00:57

Vladislav Klyushin, the Russian owner of security penetration testing firm M-13, was jailed for nine years in the US on Thursday, for his involvement in a cyber-crime operation that stole top corporations' confidential financial information to make $93 million through insider trading. His alleged Russian co-conspirators, Ivan Ermakov and Nikolai Rumiantcev, remain at large.