The impact of the Log4j vulnerability on OT networks
Operational Technology (OT) networks are at risk from the recently-announced Apache Log4j (CVE-2021-44228) vulnerability. On the surface, it is not clear why this should be. …
How to implement security into software design from the get-go
Software professionals know that the working relationship between developers and security teams can be complicated. Most security professionals feel it’s part of a …
Europe’s quantum communication plans: Defending against state-sponsored cyber attacks
State-sponsored cyberattacks are on the rise and are a significant part of the future of warfare. Why would a nation send humans to a frontline when it can take out the …
Leveraging AIOps for a holistic view of network performance and security
In this interview with Help Net Security, Terry Traina, CTO at Masergy, talks about the benefits of leveraging AIOps and how it can help thwart growing security threats. Many …
Passwordless verification API transforms every mobile phone into a security token for zero trust access
What is small, tamper-proof, cryptographically secure, and already used by 6.37 billion people? The SIM card. We carry this compact piece of secure tech everywhere without …
Hybrid work is dead, long live “work”
As we head into 2022, work will no longer be distinguished by where an employee (or student) is working or learning from. Work from wherever, on whatever device, will simply …
Unused identities: A growing security threat
In early May 2021, Colonial Pipeline, the operator of the pipeline that pumps 45% of the East Coast’s fuel, announced that they had been hacked. In his testimony before the …
Microsoft vulnerabilities have grave implications for organizations of all sizes
Microsoft software products are a connective tissue of many organizations, from online documents (creating, sharing, storing), to email and calendaring, to the operating …
Extracting value from the interconnected network of risk management
From the CISO to the SOC operator, defenders struggle to maintain complete situational awareness. Holistic approaches to risk management require the implementation of a …
From DDoS to bots and everything in between: Preparing for the new and improved attacker toolbox
A quick glance at global headlines shows a new breach, ransomware, DDoS, or bot attack on a near-daily basis. Orchestrating these attacks and selling hacking tools has become …
The threats of modern application architecture are closer than they appear
Modern applications and software have evolved as the transition to the cloud was accelerated by widespread digital transformation, as enterprises of all sizes made heavy …
EU key management in 2022
It was reported that the private key used to sign EU Digital Covid certificates (aka “vaccine passports”) was leaked and circulated on messaging apps and online data breach …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act