Cybersecurity - Articles - Page 410

What you need to know about the deep and dark web

April 5, 2021

Billions of searches take place on the surface web every day. Synonymous with Google, this part of the web is indexed by search engines. Try searching your name and you’ll likely be met with thousands if not millions of results, a few of which are familiar to you – your social media profiles, bio on your employer’s website, mentions in the news. The surface, or “clear” web, is only the tip of the iceberg, as vast as it may seem. In fact, it makes up only 4% of the entire World Wide Web. A much larger chunk of the web, the deep web, lies beneath the surface and is not indexed by search engines – but it is still just as important for security professionals to monitor.

CSA survey finds cloud security is improving

Survey finds that 58% of respondents are concerned about security in the cloud, while misconfigurations are one of the leading causes of breaches and outages, as public cloud adoption doubles over past two years

April 2, 2021

The Cloud Security Alliance (CSA) new survey, “State of Cloud Security Concerns, Challenges, and Incidents, finds that 58% of respondents are concerned about security in the cloud, while misconfigurations are one of the leading causes of breaches and outages, as public cloud adoption doubles over past two years.

A vulnerable internet needs global standards and security

Mike MacDonald

April 2, 2021

For a loosely connected, globally distributed system with no central governing authority, the Internet is remarkably dependable. Robust enough to cope with the unexpected, it features back-up capabilities ranging from redundant network paths to virtual servers that compensate for physical hardware failures.

CISA releases supplemental direction on emergency directive for Microsoft Exchange Server

April 2, 2021

CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies to run newly developed tools —Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSER—to investigate whether their Microsoft Exchange Servers have been compromised.

David Guthrie joins Sharecare as CIO and CISO

April 1, 2021

Sharecare announced the expansion of its executive team with David Guthrie joining as chief information officer (CIO) and chief information security officer (CISO).

Cybrary and MITRE announce MAD (MITRE ATT&CK Defender)

April 1, 2021

Cybrary, and MITRE Engenuity announced a partnership to offer MITRE ATT&CK Defender (MAD), a new online training and certification solution designed to enable defenders to gain the advantage over cyber adversaries.

Hudson’s Bay Company incident response team wins the International Cyber League (ICL) competition

April 1, 2021

Cyberbit,announced the Hudson’s Bay Company incident response team as winner of the inaugural International Cyber League (ICL) competition, the America’s Cyber Cup, outperforming nearly 100 Security Operations Center (SOC) and incident response teams over the course of four rounds of simulated cyberattack challenges. Hudson’s Bay Company was declared the winner based on quality of performance, and time to response, achieving the title of Best Cyber Defense Team in the Americas.

CCPA california privacy requests cost companies much time and money

Nearly half of privacy requests last year were to stop the sale of personal data

April 1, 2021

New research on California consumers shows that nearly half of privacy requests sent in 2020 were to stop the sale of personal data to a third-party. In addition, companies are dealing with an overwhelming number of privacy requests costing money and time.

Cyber Tactics

Mission-critical supply chain software: A growing operational priority

John McClurg

April 1, 2021

Today, open-source code is everywhere. In fact, 99% of all codebases contain open-source code, and anywhere from 85% to 97% of enterprise codebases come from open-source. What does that mean, exactly? It means that the vast majority of our applications consist of code we did not write.