March 18, 2024
Via: TechRadarThe UK National Cyber Security Center (NCSC) has released new guidance on securing supervisory control and data acquisition (SCADA) cloud environments for operational technology (OT). UK critical national infrastructure (CNI) is highly dependent on SCADA as a means for data […]
March 12, 2024
Via: CSO OnlineGoogle’s new Security Command Center Enterprise (SCC Enterprise) could streamline cloud risk management through AI automation, saving security teams time, experts say. Enhanced with Mandiant threat intelligence and generative AI, SCC Enterprise aims to offer comprehensive insights across the cloud […]
March 11, 2024
Via: Computer WeeklyPaaS is a cloud model through which service providers deliver an environment where customers can develop, run and manage applications. Because PaaS providers host the hardware and software on their infrastructure, customers aren’t burdened with having to do so in-house. […]
March 7, 2024
Via: Network WorldThe cybersecurity threat landscape has changed dramatically in recent years. Today, adversaries are more motivated than ever to penetrate enterprise data centers and steal valuable information. Therefore, adopting the concept of Zero Trust is the number one trend in enterprise […]
March 5, 2024
Via: CIOData volumes continue to grow exponentially, and there’s no end in sight. IDC predicts that the amount of commercial data in storage will be 12.8 ZB by 2026. A typical novel contains 1 MB of data and is about 12 […]
February 28, 2024
Via: CIO DiveAs organizations migrate more workloads, the pressure to keep a lid on cloud cost intensifies. Enterprises prioritized optimization in 2023, leaning on providers to deliver better usage data and implementing FinOps practices to track and trim spending. Kubernetes, the open […]
February 28, 2024
Via: Computer WeeklyA common misconception around IT security is that backups equate to ransomware protection. Backups can be crucial to recovery and keeping data safe. However, they are not immune to the ransomware threat. If an attacker has infiltrated the primary data […]
February 26, 2024
Via: CIO DiveThreat actors are taking advantage of inconsistent cloud security structures and “living in that uncertainty between the enterprise and the cloud,” Meyers said last week during a media briefing. Cybercriminals are using the cloud to deploy tooling, such as Microsoft […]
February 22, 2024
Via: Network WorldNetwork teams and cybersecurity teams are collaborating more and more, we’ve found in our research at Enterprise Management Associates (EMA). We explored this issue most recently in our report, “NetSecOps: Examining How Network and Security Teams Collaborate for a Better […]
February 14, 2024
Via: Network WorldInfoblox is rolling out an AI-based package to bolster its domain name system (DNS) protection portfolio and boost security for widely disbursed, DNS-networked enterprise resources. SOC Insights is a cloud-based expansion of the vendor’s current BloxOne DNS Threat Defense package. […]
February 14, 2024
Via: CSO OnlineStriking a balance between sufficient visibility into cloud computing environments and the potential for an overdose of false positives and duplicate alerts is the key challenge facing cloud security professionals, according to the State of Security Remediation report from the […]
February 13, 2024
Via: CSO OnlineThe runaway success of Kubernetes adoption by enterprise software developers has created motivation for attackers to target these installations with specifically designed exploits that leverage its popularity. Attackers have become better at hiding their malware, avoiding the almost trivial security […]
February 12, 2024
Via: Cloud TweaksDynamic Application Security Testing (DAST) is an automated testing process designed to identify security vulnerabilities in a web application. It does this by simulating attacks on the application and analyzing the responses. Unlike static testing, which analyzes an application’s code, […]
February 9, 2024
Via: CSO OnlineCisco has fixed three serious cross-site request forgery (CSRF) vulnerabilities in its Expressway Series collaboration gateway and a denial-of-service (DoS) flaw in the ClamAV anti-malware engine. CSRF flaws allow unauthenticated attackers to perform arbitrary actions on vulnerable devices by tricking […]
February 8, 2024
Via: CSO OnlineThe aggressive use of large language models (LLMs) across enterprise environments in 2024 presents a new headache for CISOs. LLMs have their own cybersecurity challenges, especially with data leakage. The cloud has its own issues, with cloud platform providers making […]
February 6, 2024
Via: CSO OnlineCisco has announced plans to infuse new security and AI capabilities within Cisco Security Cloud, the company’s integrated, cloud-based security platform designed to secure on-premise, cloud, and hybrid environments, using in-house as well as third-party telemetry. New capabilities include Cisco […]
February 6, 2024
Via: Network WorldCisco is updating elements of its overarching Security Cloud platform to help enterprise customers better protect widely distributed resources. The enhancements include a new service called Identity Intelligence that brings together information from the vendor’s existing security products, such as […]
February 5, 2024
Via: CSO OnlineCloudflare has revealed that a nation-state actor hacked into the company’s self-hosted Atlassian server in November 2023, but the attack was stopped by the internal team within a few days of access. The hack, which used stolen tokens and credentials, […]
February 2, 2024
Via: TechRadarCloudflare is laying the blame for the cyberattack it suffered late last year the after-effects of the critical Okta breach. The content delivery service provider has published a blog post detailing the cybersecurity incident it suffered on Thanksgiving Day 2023, […]
January 26, 2024
Via: CSO OnlineCisco fixed a critical flaw this week that affects multiple Unified Communications and Contact Center Solutions products and could be exploited remotely by unauthenticated attackers to execute arbitrary code on impacted devices. Medium severity vulnerabilities have also been patched in […]