Flaws are left open for weeks or longer even when fixes exist, security experts admit, leaving organizations at risk. Forget the stealthy hacker deploying a never-before-seen zero day to bring down your network. IT security professionals admit that one in three breaches are the result of vulnerabilities that they should have already patched. Software vendors … Read more
Andrew Martin, founder and CEO of DynaRisk, explains how cyber security scores are improving employee engagement for enterprises. It looks like cyber attacks are here to stay, and they’re costing businesses a lot of money. According to research from Accenture, cybercrime could cost companies globally $5.2tn over the next five years. In response, businesses are doing … Read more
There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted. The cyber threat landscape has changed fundamentally, with a very real risk of being caught up in nation state-sponsored activity, says Adam Banks, chief technology and information officer … Read more
Both high and low-risk bugs and licensing conflicts are rife in today’s business codebases. Up to 60 percent of all codebases used in the enterprise contain at least one vulnerability originating from open-source components, new research suggests. On Tuesday, Black Duck by Synopsys released its annual Open Source Security and Risk Analysis (OSSRA) report, which analyzed the … Read more
An agreement links Cisco Meraki MX Security/SD-WAN appliances and its Auto VPN technology to Teridion’s cloud-based WAN service that claims to accelerate TCP-based applications by up to 5X. Cisco and Teridion have tied the knot to deliver faster enterprise software-defined WAN services. The agreement links Cisco Meraki MX Security/SD-WAN appliances and its Auto VPN technology which lets users quickly bring up … Read more
Executives and cloud-based services are gaining popularity as targets for cyber criminals, according to the latest data breach investigations report. C-level executives who have access to a company’s most sensitive data are increasingly and proactively targeted by cyber criminals, correlating to a rise in social engineering attacks with financial motivation, Verizon’s 2019 Data breach investigation report (DBIR) reveals. Cloud-based services are … Read more
Cisco released 40 security advisories around Nexus switches, Firepower firewalls and more. Cisco issued some 40 security advisories today but only one of them was deemed “critical” – a vulnerability in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode data-center switch that could let an attacker secretly access system resources. The exposure, which was … Read more
Performance, form factors, and automation capabilities are key considerations when choosing a next-generation firewall (NGFW). Firewalls have been around for years, but the technology keeps evolving as the threat landscape changes. Here are some tips about what to look for in a next-generation firewall (NGFW) that will satisfy business needs today and into the future. … Read more
Cisco’s Talos security group says DNSpionage tools have been upgraded to be more stealthy. The group behind the Domain Name System attacks known as DNSpionage have upped their dark actions with new tools and malware to focus their attacks and better hide their activities. Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of … Read more
VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies. The Department of Homeland Security has issued a warning that some VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user’s system. … Read more
