Category: AI in news
Forward Secrecy’s day has come – for most. The cryptographic technique (sometimes called Perfect Forward Secrecy or PFS), adds an additional layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With forward secrecy, even if a third party were to record an encrypted session, and later gain…
Read MoreWe’ve heard this story before: an employee leaves a laptop in their car and it gets stolen. In January 2018, 43,000 patients had their personal medical history exposed in this manner.1 In fact, stolen physical devices containing confidential data were the cause of over a million records leaked in 2017 alone. A recent article in…
Read MoreBreaches are inevitable due to the asymmetry of attacks – carpet checks versus guerilla warfare. Companies – regardless of size – have been breached. For years, security leaders have spoken about the myth of the infallible Protection doctrine and reasons for improving on detection, response, and recovery. We broached on the need for threat intelligence,…
Read MoreWith the explosive growth of the Internet of Things, and the increasing threat posed by botnets that leverage IoT, more must be done to ensure IoT devices include security by design, says David Holmes, principal threat researcher at F5 Networks. The Named Data Networking project can play a critical role, Holmes says in an interview with…
Read MoreHypothesis-driven threat hunting is a tailored, proactive, and deeply analytical approach to cybersecurity. It leverages the acumen of seasoned security experts to predict and pre-empt potential attack vectors, delivering a dynamic and robust defense against the sophisticated threats that modern enterprises face. What Is Hypothesis-Driven Threat Hunting? Hypothesis-driven threat hunting is a proactive cybersecurity program…
Read MoreIt’s inevitable. Every organization needs externally-developed applications to some degree or another. Increasingly, these apps are web-based and accessed over the Internet. As part of a forthcoming report on protecting applications, F5 commissioned a survey with Ponemon. In it, we asked security professionals what percentage of their applications (by category) were outsourced. The top answers…
Read MoreDigital risk protection is the strategy and implementation of protecting an organization’s data, reputation, and digital assets from online threats. DRP extends across visible, deep, and dark web environments to identify and mitigate risks that could compromise an organization’s security posture or damage its public image. The process involves continuous monitoring, threat intelligence, and the…
Read MorePreviously, I talked about the elegant beauty in offloading parts of your risk portfolio in four distinct ways. The logic is to streamline the company’s mitigation efforts and allow you to focus more time and investment where it matters most—on the unique risks inherent to the business. But there is a fifth element, and it is…
Read MorePublic sector customers include those in education, nonprofit and on Microsoft’s Government Community Cloud. Microsoft has delayed three deadlines related to Cloud Solution Provider partners selling subscriptions through the vendor’s New Commerce Experience to public sector customers and migrating existing subscriptions on to NCE. The first revised deadline CSP partners need to keep in mind…
Read MoreOpen Extended Detection and Response (XDR) marks a paradigm shift in enterprise security, focusing on using comprehensive data insights to enhance threat detection and response across diverse systems and environments. This approach champions flexibility and interoperability over traditional vendor lock-in, allowing for a tailored security posture that keeps pace with the evolving threat landscape. The…
Read MoreRecent Posts
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials
- Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass
- Brave on iOS adds new “Shred” button to wipe site-specific data
- Palo Alto Networks patches two firewall zero-days used in attacks
- Vulnerability Summary for the Week of November 11, 2024 | CISA