Category: Data Security

Published on November 9, 2023

via Bleeping Computer The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations. Today's advisory also details what tactics, techniques,…

Published on October 3, 2023

via The Hacker News Weak password policies leave organizations vulnerable to attacks. But are the standard password complexity requirements enough to secure them? 83% of compromised passwords would satisfy the password complexity and length requirements of compliance standards. That's because bad actors already have access to billions…

Published on October 2, 2023

via Dark Reading The NFL is workshopping game plays for Super Bowl LVIII — of the cybersecurity sort. Looking to juice up its defense, the league worked with the Cybersecurity and Infrastructure Security Agency (CISA) and Super Bowl LVIII stakeholders during a tabletop exercise that…

Published on September 25, 2023

via Dark Reading Basic security hygiene is more impactful than you may realize. While industry headlines are often dominated by emerging tech and the latest software or hardware solutions, base-level security hygiene still protects against 98% of attacks. This includes measures such as applying zero-trust principles or keeping…

Published on September 25, 2023

via Dark Reading Twin cyberattacks on MGM Resorts and Caesars Entertainment have provided a singular view into what happens when two similar organizations, under similar attacks by the same threat actor, pursue contrasting incident response strategies.  In this instance, both were victims of a Scattered Spider…

Published on September 8, 2023

via Dark Reading For far too long, the cybersecurity industry has primarily focused on protecting the largest organizations from sophisticated and constantly evolving cyberattacks. While extremely important, this narrow focus has come at the expense of smaller or midsize organizations that don't have the same…

Published on August 23, 2023

via Dark Reading For far too long, the cybersecurity industry has primarily focused on protecting the largest organizations from sophisticated and constantly evolving cyberattacks. While extremely important, this narrow focus has come at the expense of smaller or midsize organizations that don't have the same…

Published on August 3, 2023

via Security Intelligence The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and…

Published on August 1, 2023

via SC Magazine Forescout’s list of riskiest connected devices for 2023 includes seven fresh entries that security teams should keep in mind as they look to secure their assets. The latest version of the cybersecurity vendor's annual list, released July 13, adds a number of…

Published on July 10, 2023

via Planet Mainframe “If you spend more on coffee than on IT security, you will be hacked.”  That was according to Richard Clarke, former special advisor on cybersecurity to the US President. He added, “What’s more, you deserve to be hacked,” which does seem a…