Security News

Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers internal and external attack vectors, application development and mobile app security, social engineering and phishing, and PCI- and FedRAMP-specific findings, with data segmented by industry and company size. Long-term data shows that cyber risk significantly shifts year over year based on company size, vertical market, and many other factors.

Any discussion about device management would not be complete without talking about unified endpoint management solutions. Apple Business Manager or ABM helps configure and deploy Apple devices, so why should you spend more resources upgrading to a dedicated UEM? To put it simply, the access to capabilities that a UEM provides is unrivaled.

As attackers rely on a range of automated offensive testing tools to scan their targets' attack surfaces and propagate inside their network, a purely reactive defensive stance based on detection and response is increasingly likely to be overwhelmed by an attack. The logical tactical move is to emulate attackers' TTPs and behaviors beforehand by integrating attack simulation tools to continuously validate the impermeability of the attack surface as a whole, the efficacy of security controls, as well as access management and segmentation policies, etc.

The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Initial access to the company's IT network was made possible by using stolen Virtual Private Network credentials, followed by leveraging off-the-shelf tools for lateral movement and gaining deeper access into the victim's environment.

In this Help Net Security video, Jon Hencinski, VP of Security Operations at Expel, talks about how their SOC team has recently observed Business Email Compromise (BEC) attacks across multiple...

During AWS re:Inforce, Amazon executives emphasized how important access control is when it comes to cloud security and why IT leaders need to ask who has access to what and why. The executives emphasized the importance of enabling multi-factor authentication and blocking public access, with Kurt Kufeld, vice president of AWS platform, going as far as to say it "Will absolutely save lives."

The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, according to Huntsman Security. This Help Net Security video uncovers why so many organizations are losing cyber insurance as an important risk management tool.

UTM is thought to be an all-in-one solution for cybersecurity. In general, it is a versatile software or hardware firewall solution integrated with IPS and other security services.

49% of respondents to a recent Twitter poll carried out by Osirium Technologies describe endpoint management security within their organization as non-existent. Endpoint management allows IT teams to identify, monitor and control end-users' access to corporate networks and systems.

As last week's hacker summer camps would down it's clear that attendee numbers are still well down on the pre-COVID days, although things are recovering. Risk management is a key tenet of security and there was much discussion in the weeks and months before the shows about whether flying into Las Vegas and spending a week in crowded hotels was worth the risk.