Is $50,000 for a Vulnerability Too Much?
February 4 2021Lofty bug bounties catch attention, but don't alleviate the application security flaws they are trying to solve.
Read moreAnother SolarWinds Orion Hack
February 4 2021
At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using...
Read morePatch Imperfect: Software Fixes Failing to Shut Out Attackers
February 3 2021Incomplete patches are allowing attackers to continue exploiting the same vulnerabilities, reducing the cost to compromise.
Read moreAn Observability Pipeline Could Save Your SecOps Team
February 3 2021Traditional monitoring approaches are proving brittle as security operations teams need better visibility into dynamic environments.
Read moreSolarWinds' CEO says evidence indicates attackers lurked in the company's Office 365 email system for months ahead of the attack.
Read moreWhat should you say if you have a data breach? Catch up with Jason Nurse at Sophos Evolve
February 3 2021Learn why it's way better to rehearse what to say if you suffer a data breach than to make it up as you go along.
Read moreWhat I Wish I Knew at the Start of My InfoSec Career
February 3 2021Security pros identify lessons learned that impact how they view infosec today.
Read moreSecurity in a Complex World
February 3 2021Innovation and complexity can co-exist; the key is to use innovation to make ever-expanding complexity comprehensible and its effects predictable.
Read moreMore SolarWinds News
February 3 2021
Microsoft analyzed details of the SolarWinds attack:
Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another...
Read more
Concerns Over API Security Grow as Attacks Increase
February 3 2021Some 66% of organizations say they have slowed deploying an app into production because of API security concerns.
Read more
Recent Comments