Security News
These features combine automation with scalability to accelerate security compliance programs with automated framework mapping, evidence collection, and continuous monitoring, as well as providing the ability for teams to leverage applications and data sources. Orca Security unveils Shift Left Security capabilities to prevent cloud application issues.
Eleven significant tech-aligned industry associations from around the world have reportedly written to India's Computer Emergency Response Team to call for revision of the nation's new infosec reporting and data retention rules, which they criticise as inconsistent, onerous, unlikely to improve security within India, and possibly harmful to the nations economy. The rules were introduced in late April and are extraordinarily broad. For example, operators of datacenters, clouds, and VPNs, are required to register customers' names, dates on which services were used, and even customer IP addresses, and store that data for five years.
Leaders of the Quad alliance - Australia, India, Japan, and the USA - met on Tuesday and revealed initiatives to strengthen collaboration on emerging technologies and cybersecurity, with an unspoken subtext of neutralizing China. "Today, we - prime minister Anthony Albanese of Australia, prime minister Narendra Modi of India, prime minister Fumio Kishida of Japan, and president Joe Biden of the United States - convene in Tokyo to renew our steadfast commitment to a free and open Indo-Pacific that is inclusive and resilient," declared the Quad in a very formal statement.
Indian IT shops have been handed another extraordinarily short deadline within which to perform significant infosec work. MII boards must sign off on lists of critical systems.
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Threat actors commonly use these exploits to conduct attacks or spread laterally within a network.
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Threat actors commonly use these exploits to conduct attacks or spread laterally within a network.
India has slightly softened its controversial new reporting requirements for information security incidents and made it plain they apply to multinational companies. The rules were announced with little advance warning in late April and quickly attracted criticism from industry on grounds including the requirement to report 22 different types of incident within six hours, a requirement to register personal details of individual VPN users, and retention of many log files for 180 days.
Work toward an InfoSec certification with this online training bundle We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Want to break into the InfoSec field? The 2022 Ultimate Information Security Certification Bundle offers a great first step.
Orca Security adds attack path analysis capability to improve the effectiveness of security teams. Keysight Technologies released CyPerf 2.0, a new subscription-based software solution that enables network equipment manufacturers to validate the performance and security of their offerings when deployed in complex distributed cloud environments utilizing zero trust security policies.
India's Computer Emergency Response Team has given many of the nation's IT shops a big job that needs to be done in a hurry: complying with a new set of rules that require organizations to report 20 different types of infosec incidents within six hours of detection, be they a ransomware attack or mere compromise of a social media account. The national infosec agency stated the short deadline is needed as it has identified "Certain gaps causing hindrance in incident analysis."