Ransomware writers are now targeting cloud service providers with network file encryption attacks as a way to hold hostage the maximum number of customers that they can, notes Chris Morales, head of security analytics for Vectra. He also discusses Vectra's new ransomware report, which offers tips for protecting against virtual hostage taking. Read More
Qualys's Chairman and CEO, Philippe Courtot talks about changes in the security landscape he's witnessed during the company's 20-year lifespan, as well as what motivated the vendor to give away its Global IT Asset Discovery and Inventory app for free. Read More
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption. Read More
A group of mostly Nigerian nationals attempted to steal $46 million through business email compromise and romance scams, the FBI reports. Read More
Containers, virtual machines, and the advent of DevOps as a software creation tool all put new pressures on organizations' security strength, according to Dan Hubbard, CEO of Lacework. Cloud's ability to offer scale, capacity, and processing power may even exacerbate the vulnerabilities unless properly managed, he adds. Read More
Virtual machine giant's big cloud move includes plans to shell out $2.7 billion in stock transactions for Pivotal Software. Read More
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks. Read More
Enterprises must regularly validate their security efficacy based on real-time conditions, not compliance criteria, says John Weinschenk, General manager, Enterprise Network and Application Security of Spirent. That sort of testing returns actionable data to tune devices, update policies, and fortify defenses before they are compromised, he adds. Read More
The following hardware and software options will amplify your know-how about artificial intelligence and how to apply it to security - without busting any budgets. Read More
Lots of re-used code, cost pressures and long lead times for application software all lead to porous security where application software is concerned, says Chris Eng, Chief Research Officer for Veracode. But an emerging role he calls a "security champion" can help circumvent those problems and make apps safer for everyone. Read More
Creativity flowed, but two captions rose to the top. Read More
End-user organizations have their security management tools, but so do cloud service providers, and that forces some hard questions about whose tools will be used to keep everything locked down, says Jesse Rothstein, CTO and Co-Founder of ExtraHop. And he makes the case that better data hygiene can help decrease the chances of a breach. Read More
Social engineering remains the top vulnerability organizations face because humans remain the easiest way to access networks or databases, says Stu Sjouwerman, Founder and CEO of KnowBe4. Regular training sessions coupled with creation of a "human firewall" remain the most effective protections against social engineering and phishing, he adds. Read More
Against the backdrop of consolidation in the SIEM and SOAR sectors, infosec professionals are deploying some combination of analytics and security, according to Haiyan Song, Senior Vice President & General Manager of Security Markets for Splunk. Analytics helps organizations make better decisions and detect anomalies faster, she adds. Read More
As the CIO for both Formula 1 and NASCAR racing teams, Gary Foote is tackling the same security issues as other manufacturing CIOs - with a huge dash of motorized mayhem thrown in. Read More
Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says. Read More
Bad actors move faster than threat intelligence feeds and the infosec pros who monitor them, notes Joakim Kennedy, Threat Intel Manager for Anomali Research. Organizations need to establish a dedicated team to manage threat intel, and an adequate budget. Kennedy also encourages intelligence sharing as part of a stepped-up protection strategy. Read More
Microsoft remains the favorite brand to spoof in phishing campaigns, but more attackers are impersonating Facebook. Read More
