Ransomware attack suspected on Macmillan Publications

Macmillan, that is into the publishing business of educational content, was hit by a cyber attack that is suspected to be of ransomware variant. The company is yet to confirm the incident. But the staff of the publishing giant admitted to be experiencing a digital disruption in the IT Infrastructure of the company. Highly placed sources say the company is not interested in bowing down to the demands of hackers, as it has an efficient data continuity plan in place. However, a slight delay to the shipments of books would be observed, as access to...

Read More

Amazon Photos exhibit high severity vulnerability

All you Amazon Photos users out there, please be aware of a high-severity vulnerability in the app that you are using to store photos and videos in original quality. The said application that is found to have over 50 million downloads can be exploited by hackers to steal Amazon access tokens and steal data thereafter. Cybersecurity researchers from Checkmarx have confirmed a security bug on the Android phone application that could allow hackers to steal the personal information of hackers. Researchers claim that the application has a mis-configured...

Read More

API security: 12 essential best practices to keep your data & APIs safe

This blog was written by an independent guest blogger. If you don’t think API security is that important, think again. Last year, 91% of organizations had an API security incident. The proliferation of SOAP and REST APIs makes it easy for organizations to tailor their application ecosystems. But, APIs also hold the keys to all of a company’s data. And as data-centric projects become more in demand, it increases the likelihood of a target API attack campaign.  Experts agree that organizations that keep their API ecosystem open should also take...

Read More

Authenticating legacy apps with a reverse proxy

This blog was written by an independent guest blogger. When we think of “authentication” for our applications, most of us think of user registration, a login form, and resetting passwords. Our concerns begin and end there. But as we dive deeper and our security and compliance requirements change over time, we have to consider new password hashing algorithms, blocking bots,...

Read More

How can your organization find and develop the next generation of cybersecurity?

Last week (ISC)² released the (ISC)² Cybersecurity Hiring Managers Guide: Best Practices for Hiring and Developing Junior Talent built on the latest research to help organizations grow their teams and retain top talent. The report highlighted the top technical skills, non-technical skills and personality attributes hiring managers seek and how organizations can benefit from...

Read More

SECURE North America | Users Aren’t the Weakest Link, They’re Your Allies

Security teams should stop treating users as the weakest link in security and, instead, turn them into allies in building a strong security culture. This was the message from Shelly Epps, HCISPP, Director of Security Program Management at Duke Health, who delivered a presentation this week at the (ISC)² SECURE North America virtual event. “If you are relying upon users for...

Read More

ERI’s John Shegerian Shares Insights at VerdeXchange on Protecting the Planet through Innovation and a Circular Economy

LOS ANGELES–(BUSINESS WIRE)–Last week, John Shegerian, Chairman and CEO of ERI, the nation’s largest fully integrated IT and electronics asset disposition provider, was featured as a speaker on two panels at the VerdeXchange annual conference at the Omni Hotel in Los Angeles. First, Shegerian contributed to a panel discussion titled “Circular Economy Solutions to California’s...

Read More

New Hertzbleed vulnerability affects modern AMD and Intel Processors

A group of researchers from the University of Texas, University of Illinois, and the University of Washington have found a new vulnerability in modern AMD and Intel Processors. They dubbed the flaw Hertzbleed, as it uses frequency side channels to extract cryptographic keys from remote servers. Experiments launched by the researchers from the three said educational institutions say that under certain circumstances dynamic frequency scaling feature is linked to the data processing feature in modern x86 processors. And because of this fault, the...

Read More

DevSecOps deploy and operate processes

In the previous article, we covered the release process and how to secure the parts and components of the process. The deploy and operate processes are where developers, IT, and security meet in a coordinated handoff for sending an application into production. The traditional handoff of an application is siloed where developers send installation instructions to IT, IT provisions...

Read More

Infosecurity Europe: A show so secure a train strike couldn’t break it!

Infosecurity Europe is unquestionably the biggest and most significant cybersecurity conference and event on the European calendar, a mainstay that is enjoyed by the entire industry and that serves as an important opportunity for members to meet each other and engage with the (ISC)² team on our stand. Like so many key industry events, Infosecurity Europe has been operating...

Read More

Adlumin Named to First-ever MES Matters – Key Vendors Serving the Midmarket List

WASHINGTON–(BUSINESS WIRE)–Adlumin, Inc., the command center for security operations, announced today that Midsize Enterprise Services (MES), a brand of The Channel Company, has recognized Adlumin on its 2022 MES Matters- Key Vendors Serving the Midmarket list. The MES Matters list recognizes vendors that have proven themselves to be forward-thinking technology providers...

Read More

CyberArk Announces Impact 2022: The Identity Security Event of the Year

NEWTON, Mass. & PETACH TIKVA, Israel–(BUSINESS WIRE)–CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced the details of CyberArk Impact 2022. The global cybersecurity conference will bring together Identity Security professionals to connect, learn, collaborate and discuss the critical importance of Identity Security-based strategies. The event...

Read More

The three core strengths of USM Anywhere

This blog was written by an independent guest blogger. USM Anywhere is the ideal solution for small and mid-sized businesses that need multiple high-quality security tools in a single, unified package. There’s no reason large, global enterprises should have a monopoly on top cybersecurity technology. Solutions like USM Anywhere give smaller organizations access to security tools that are both effective and affordable. USM Anywhere offers a centralized solution for monitoring networks and devices for security threats. It secures devices operating...

Read More

ENTRY-LEVEL CYBERSECURITY JOBS KEY TO SOLVING WORKFORCE GAP

Facing an acute shortage of qualified cybersecurity professionals, hiring managers are recruiting entry- and junior-level practitioners to their teams. The latest (ISC)² research captured in our Cybersecurity Hiring Managers Guide reveals this practice enables organizations to build stronger and more resilient cybersecurity teams. The findings come from a poll of 1,250...

Read More

Industry Leader, Cyber Defense Magazine, Awards Calix ProtectIQ for Best in Anti-Phishing, Network Security, and Management for Helping Broadband Providers Protect Subscribers From Millions of Digital Threats

SAN JOSE, Calif.–(BUSINESS WIRE)–Calix, Inc. (NYSE: CALX) announced today that ProtectIQ® home network cybersecurity, a key offering in Calix Revenue EDGE Suites (EDGE Suites)—a component of the Calix Revenue EDGE platform—won the Cyber Defense Magazine 2022 Global InfoSec Award for “Best in Anti-Phishing, Network Security, and Management.” The award, which honors the top...

Read More