What is shadow mining and why is it a security threat?
The majority of organizations are overlooking the threat of shadow mining, with 65 percent of organizations unfamiliar with the term and more than half (57 percent) unfamiliar …
New infosec products of the week: April 5, 2019
Free cybersecurity threat assessment for midsize and large organizations Cynet unveiled the Cynet Threat Assessment program. The free offering for organizations with 500 or …
85% of organizations fail to meet even basic PAM security hygiene
While nearly four out of five organizations (78 percent) now include privileged credential protection as part of their cybersecurity policies, their privileged access …
Vendor revenue from IT infrastructure products for cloud environments grew 28% year over year
Vendor revenue from sales of IT infrastructure products (server, enterprise storage, and Ethernet switch) for cloud environments, including public and private cloud, grew …
Vulnerability found in Guard Provider, Xiaomi’s pre-installed security app
Check Point Research discovered a vulnerability in one of the preinstalled apps on devices manufactured by one of the world’s biggest mobile vendors, Xiaomi. The vulnerability …
Microsoft rolls out new security capabilities for Azure customers
Microsoft has announced new security features for customers of its Azure cloud computing service. They are a mix of features for storage and compute services: Advanced Threat …
The security challenges that come with serverless computing
Serverless computing (aka Function-as-a-Service) has been a boon to many enterprises: it simplifies the code development and deployment processes while improving utilization …
Attackers fighting back against security teams while also targeting supply chains
According to the world’s leading IR professionals, increasingly sophisticated attacks involving instances of “island hopping,” counter incident response (IR), and lateral …
79% of organizations want a federal privacy law amid lack of compliance
There is a significant enthusiasm for a federal privacy law amid organizations’ lack of ability to comply with data privacy rules stemming from both mushrooming government …
As fraud attacks grow more sophisticated, a need for contextual detection strategies increases
Fraudsters are using a complex array of tools to build armies of fake accounts, 74% of all fraudulent accounts are created from desktops, and cloud service provider IP ranges …
Organizations still use low levels or no automation of key security and incident response tasks
Most organizations understand that automation is the path to achieve optimal workflows in the face of staff shortages and alert fatigue. Yet, 59% of the D3 Security 2019 …
Backdoors inevitably create vulnerabilities that can be exploited by malicious actors
73 percent of IT security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. The Venafi survey on …
Featured news
Resources
Don't miss
- Report: The State of Secrets Sprawl 2025
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)
- Moving beyond checkbox security for true resilience
- Dependency-Check: Open-source Software Composition Analysis (SCA) tool
- Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK