Tag: infosec
-
Keyfactor Bolsters Quantum Readiness With Dual Acquisitions
Real-Time, Deep Cryptographic Discovery Added to Certificate Automation Portfolio. Keyfactor is acquiring CipherInsights and InfoSec Global in a move designed to shift cryptographic security earlier in the lifecycle. The acquisitions offer real-time and deep discovery capabilities to help customers identify and remediate cryptographic weaknesses ahead of quantum disruption. First seen on govinfosecurity.com Jump to article:…
-
New infosec products of the week: May 9, 2025
Here’s a look at the most interesting products from the past week, featuring releases from ProcessUnity, Searchlight Cyber, ServiceNow, and Verosint. ServiceNow unveils AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/09/new-infosec-products-of-the-week-may-9-2025/
-
Top tips for successful threat intelligence usage
Tags: ai, attack, automation, cloud, computing, data, ddos, detection, exploit, firewall, group, guide, incident response, infosec, infrastructure, intelligence, law, mitigation, network, phishing, siem, skills, soar, software, threat, tool, update, vulnerability, vulnerability-managementMake sure you don’t have more intel than you need: Next is the matching phase: the most sophisticated TIP may be overkill if you have a small infosec department with limited skills or have a relatively simple computing environment. According to this 2025 report from Greynoise, threat feeds must match your own environment in terms…
-
Seceon Wins Three Global Infosec Awards at RSAC 2025
At Seceon, we’ve always believed that solving cybersecurity isn’t about adding more tools but building smarter ones. That belief was validated in a big way this year at RSAC 2025, where we proudly took home three Global Infosec Awards. 🆠Best Comprehensive Cybersecurity Platform🆠Best SMB Managed Security Services Platform (for aiSecurity-CGuard)🆠Best XDR Platform…
-
RSAC 2025: Ex-CISA head Krebs defiantly urges infosec community to keep up the good fight
First seen on scworld.com Jump to article: www.scworld.com/news/rsac-2025-ex-cisa-head-krebs-defiantly-urges-infosec-community-to-keep-up-the-good-fight
-
BSidesLV24 Proving Ground You Can Be Neurodivergent And Succeed In InfoSec
Author/Presenter: Randall Wyatt Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/bsideslv24-proving-ground-you-can-be-neurodivergent-and-succeed-in-infosec/
-
What is EDR? An analytical approach to endpoint security
Tags: access, android, antivirus, api, attack, automation, breach, cloud, corporate, data, defense, detection, edr, email, endpoint, firewall, incident response, infection, infosec, infrastructure, intelligence, Intruder, linux, macOS, malicious, malware, network, service, siem, soar, software, threat, tool, trainingEDR vs. antivirus: What’s the difference?: Antivirus software has similar goals to EDR, in that it aims to block malware from installing on and infecting endpoints (usually user PCs). The difference is that antivirus spots malicious activity by trying to match it to signatures, known patterns of code execution or behavior that the security community…
-
Infosec products of the month: April 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Abnormal AI, AppViewX, Arctic Wolf Networks, Bitdefender, BitSight, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/02/infosec-products-of-the-month-april-2025/
-
Infosec pros tell Trump to quit bullying Chris Krebs it’s undermining security
Top voices warn that political retaliation puts democracy and national defense at risk First seen on theregister.com Jump to article: www.theregister.com/2025/04/29/infosec_trump_krebs_letter/
-
Cybersecurity leaders decry ‘political persecution’ of Chris Krebs in a letter to the President
Demand for immediate action: The letter concluded with a specific petition for the Trump Administration to immediately take two actions: reinstate the security clearances of SentinelOne employees and rescind the order to the Department of Justice investigating Krebs.”An independent infosec community is fundamental to protecting our democracy, and to the profession itself,” the letter asserted.…
-
New infosec products of the week: April 25, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, PowerDMARC, Skyhawk Security, Stellar Cyber, Swimlane, and Veracode. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/25/new-infosec-products-of-the-week-april-25-2025/
-
Lesson from huge Blue Shield California data breach: Read the manual
read the documentation of any third party service you sign up for, to understand the security and privacy controls;know what data is being collected from your organization, and what you don’t want shared.”It’s important to understand these giant platforms make it easy for you to share your data across their various services,” he said. “So…
-
New infosec products of the week: April 18, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Cato Networks, Cyware, Entrust, PlexTrac, and Seemplicity. PlexTrac for CTEM helps … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/new-infosec-products-of-the-week-april-18-2025/
-
Whistleblower describes DOGE IT dept rampage at America’s labor watchdog
Ignored infosec rules, exfiltrated data “¦ then the mysterious login attempts from a Russian IP address began claim First seen on theregister.com Jump to article: www.theregister.com/2025/04/17/whistleblower_nlrb_doge/
-
The most dangerous time for enterprise security? One month after an acquisition
Fear of upgrading or purchasing any new security tech. Managers are hesitant to invest because they don’t know what the new parent company will decide, and they don’t want to waste money.Talented security people leave, along with the best people in every business unit. They are worried about being laid off, so they take whatever…
-
New infosec products of the week: April 11, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/11/new-infosec-products-of-the-week-april-11-2025/
-
Targeted phishing gets a new hook with real-time email validation
Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, threat, training‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.”The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…
-
The Reg translates the letter in which Oracle kinda-sorta tells customers it was pwned
TL;DR: Move along, still nothing to see here – an idea that leaves infosec pros aghast First seen on theregister.com Jump to article: www.theregister.com/2025/04/10/oracles_breach_letter/
-
Precision-validated phishing: The rise of sophisticated credential theft
Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, theft, threat, training‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.”The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…
-
Trump kills clearances for infosec’s SentinelOne, ex-CISA boss Chris Krebs
Alleges cybersecurity agency was ‘weaponized’ to suppress debunked theories First seen on theregister.com Jump to article: www.theregister.com/2025/04/10/trump_cisa_investigation_memo/
-
Pharmacist accused of using webcams to spy on women in intimate moments at work, home
Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec First seen on theregister.com Jump to article: www.theregister.com/2025/04/09/pharmacist_accused_of_cyber_voyeurism/
-
New infosec products of the week: April 4, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Bitsight, Bluefin, CyberQP, and Exabeam. Exabeam Nova accelerates threat … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/04/new-infosec-products-of-the-week-april-4-2025/
-
6 hard-earned tips for leading through a cyberattack, from CSOs who’ve been there
Tags: attack, awareness, breach, business, cisco, ciso, control, cyber, cyberattack, cybersecurity, data, group, incident response, infosec, infrastructure, lessons-learned, military, open-source, phishing, phone, privacy, programming, ransomware, security-incident, service, skills, software, strategy, threat, training, updateDevelop muscle memory, and patience, through simulations: Authority under crisis is meaningless if you can’t establish followership. And this goes beyond the incident response team: CISOs must communicate with the entire organization, a commonly misunderstood imperative, says Pablo Riboldi, CISO of nearshore talent provider BairesDev.”I find that employee involvement tends to be overlooked during cyberattacks.…
-
Check Point confirms breach, but says it was ‘old’ data and crook made ‘false’ claims
Explanation leaves a ‘lot of questions unanswered,’ says infosec researcher First seen on theregister.com Jump to article: www.theregister.com/2025/03/31/check_point_confirms_breach/
-
Infosec products of the month: March 2025
Tags: infosecHere’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/28/infosec-products-of-the-month-march-2025/
-
US defense contractor cops to sloppy security, settles after infosec lead blows whistle
MORSE to pay — .. .-.. .-.. .. — -. … for failing to meet cyber-grade First seen on theregister.com Jump to article: www.theregister.com/2025/03/26/us_defense_contractor/
-
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish
16,000 stolen records pertain to former and active mail subscribers First seen on theregister.com Jump to article: www.theregister.com/2025/03/25/troy_hunt_mailchimp_phish/
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
11 hottest IT security certs for higher pay today
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windowsOffensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…