Process failures are the root cause of most serious cybersecurity incidents. We need to treat security as a process issue, not try to solve it with a collection of tools. This article has been indexed from Dark Reading. Read the…
SaaS Vendor Risk Assessment in 3 Steps
SaaS applications are the new supply chain and, practically speaking, SaaS is the modern vendor. Here are three straightforward steps to manage this new vendor risk. This article has been indexed from Dark Reading. Read the original article: SaaS Vendor…
A week in security (November 06 – November 12)
A list of topics we covered in the week of November 06 to November 12 of 2023. This article has been indexed from Malwarebytes. Read the original article: A week in security (November 06 – November 12)
Domain Control Validation (DCV) Methods & How to Choose
You can trust digital certificates issued by reputable Certificate Authorities (CAs) because they go through a domain control validation (DCV) process, which verifies the legitimacy of the entity requesting the SSL/TLS certificate and the domain ownership for which the certificate…
Cyber risk is business risk: Qualys Enterprise TruRisk Platform sets new industry standard
In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys, explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber risk. We delve into how…
Royal Mail cyber security still a mess, say infosec researchers
ALSO: most Mainers are MOVEit victims, NY radiology firm fined for not updating kit, and some critical vulnerabilities. Infosec in brief: After spending almost a year cleaning up after various security snafus, the UK’s Royal Mail has left an open…
SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service
In this episode, we discuss the SEC’s charges against SolarWinds’ CISO for misleading investors about a major cyberattack. Plus don’t miss our discussion about the shady world of “Classiscam Scam-as-a-Service,” a very popular cyber criminal service that creates fake user…
Success eludes the International Counter Ransomware Initiative
A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively address ransomware. Ransomware, as predicted, is growing at tremendous rates and focusing…
Signal is testing usernames so you don’t have to share your phone number
The Signal messaging service is testing support for usernames as a replacement for phone numbers to serve as user identities. This article has been indexed from Malwarebytes. Read the original article: Signal is testing usernames so you don’t have to…
CISOs vs. developers: A battle over security priorities
A majority of both developers and CISOs view software supply chain security as a top priority in their roles (70% and 52% respectively), according to Chainguard. However, there is a clear disconnect and even some distrust between CISOs and developers…