SEARCH
All Articles
Sudo Flaw Gives Linux Users Root Access
Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.
Cybercriminals Target Vaccine Supply Chain
Over the last year, cybercriminals adjusted their attack tactics with new developments with the COVID-19 pandemic. With attention now on developing and distributing the vaccine for the novel coronavirus, attackers have shifted their focus to target the vaccine supply chain.
Decipher Podcast: Andy Ellis Returns
Andy Ellis, CSO of Akamai, joins Dennis Fisher to discuss the importance of setting priorities, how to assess your strengths and weaknesses as an organization, and the NFL draft.
Enduring Lessons From Securing the Election
Securing the 2020 election was a years-long process, and former CISA Director Chris Krebs found a number of key lessons for security teams during the effort.
EU Regulators Issued Larger GDPR Fines in 2020
The European Union’s data protection authorities have been flexing their regulatory powers under the General Data Protection Regulation over the past year, increasingly imposing larger fines and other enforcement actions.
Trump Executive Order Focuses on Rules for Cloud Providers
One of the last executive orders for the outgoing Trump Administration authorized the Commerce Department to create "know your customer" rules for infrastructure-as-a-service providers.
New Raindrop Tool Tied to SolarWinds Attackers
A piece of malware called Raindrop has been found in some networks compromised by the SolarWinds attackers.
New York Proposes Biometrics Privacy Law
New York lawmakers are moving ahead with their own privacy legislation to regulate how private companies handle biometric data.
Attackers Eyeing Cloud Platforms
Attack groups are increasingly focusing their attention on cloud platforms and services as common entry points for victim networks.
Decipher Podcast: Amanda Berlin
Amanda Berlin of Blumira joins Dennis Fisher to talk about how she got her start in security, learning new skills on the fly, and helping customers find the things that really matter on their networks.
Mimecast Says Attackers Stole Certificate, Targeted Customers’ Email
Email security firm Mimecast said attackers stole a certificate some of its customers use to authenticate to some of its cloud services.
New Rule May Require Banks to Report Incidents Sooner
A proposed rule from a trio of federal financial regulatory agencies aims to change current reporting requirements so that financial service organizations have to notify federal regulators of a security incident within 36 hours.
Intel vPro Chips Include Ransomware Detection
The latest Intel vPro processor will include built-in protections to detect and block ransomware attacks, Intel said.
No Easy Path to Cyber Norms
Discussions on developing norms for cyber operations have resurfaced in the wake of the SolarWinds breach and subsequent intrusions, but experts say it's not a simple task.
Data Shows More Exploits Are Being Published on GitHub
From a vulnerability management perspective, it makes sense for defenders to be aware of which vulnerabilities have publicly available exploit code. Increasingly, much of that code is beginning to appear on GitHub.