Security News

CISA proposes new security requirements to protect govt, personal data
2024-10-22 22:11

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American's personal data as well as government-related...

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
2024-10-22 14:12

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes....

Can Security Experts Leverage Generative AI Without Prompt Engineering Skills?
2024-10-22 13:13

A study at Rensselaer Polytechnic Institute presented at ISC2 Security Congress compared ChatGPT-written training prompted by security experts and prompt engineers.

IT security and government services: Balancing transparency and security
2024-10-22 04:30

Government information technology leaders find themselves at a challenging balance point: On one end of the scale are increasing threats from cyber actors, bolstered by advanced technology like...

ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks
2024-10-21 17:19

CISA advisor Nicole Perlroth closed out ISC2 Security Congress’ keynotes with a wake-up call for security teams to watch for nation-state-sponsored attacks.

Guide:  The Ultimate Pentest Checklist for Full-Stack Security
2024-10-21 11:25

Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists...

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
2024-10-21 06:59

Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. "The...

Tesla, Intel, deny they're the foreign company China just accused of making maps that threaten national security
2024-10-21 05:33

As TSMC defends itself against report it may have helped Huawei Tesla has denied it was involved in illegal-map making activities in China after Beijing asserted an unnamed foreign firm working on...

Acronym Overdose – Navigating the Complex Data Security Landscape
2024-10-19 09:30

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures,...

Justice Department Indicts Tech CEO for Falsifying Security Certifications
2024-10-18 13:58

The Wall Street Journal is reporting that the CEO of a still unnamed company has been indicted for creating a fake auditing company to falsify security certifications in order to win government business.