Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When Gronk the caveperson chipped out the first wheel from a slab of granite only to watch it roll away down a hill at some speed, he discovered we could build things to make our lives easier. We took this idea and ran with it, and now we have internet connected shoes. However, we also have cybercrime, data theft, phishing, scams, ransomware... the list goes on.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Should we be surprised that there are weaknesses in a car app that lets you locate and remotely control them? We’ve been here before – too many times before. Again, possibly bad management, specification and design failures all round, and no one seems to learn.

Every business has its assets: things that are of value. They can be land, cash, equipment, vehicles, buildings; but also they can be digital, such as applications, business processes, software, trademarks, up-to-date customer or client list on CRM software, copyrighted material, business websites, business blogs and so on.

Today, I’m excited to share that we have released AlienApp for Box, a new security integration between AT&T Cybersecurity and Box, a leader in cloud content management. This new feature within USM Anywhere takes advantage of Box's granular logging capabilities and powerful APIs to add an additional layer of security for Box Enterprise customers that enables you to monitor your Box environments for potential threats and malicious activities.

The current security state of industrial control systems (ICS) is a perplexing one. On the one hand, Kaspersky Lab found in a recent report that a majority of organizations (75 percent) regard ICS security as a major priority. On the other hand, organizations aren’t implementing the proper safeguards to secure their industrial control systems.

Many security breaches take place when attackers gain access to Internet-facing applications by using compromised credentials. As an added layer of security against leaked credentials, organizations have been implementing multi-factor authentication (MFA) mechanisms to verify the identity of users connecting to critical online assets.

What I’ve found throughout the years is that the only constant in life is the fact that everything changes and changes frequently. I can’t even get a consistent scenery on my way to work longer than a couple of weeks before something is different! At the same time, the world of technology is in constant flux whether it’s new technology or updates to automated tools that interact with all sorts of servers or services running throughout an environment.

In information warfare, the need to develop SIEM architecture has become a crucial factor due to the existence of ever-growing cyber threats and their creators – cyber pests. The SIEM (Security Information and Event Management) presents a broad range of products or services for the purpose of managing security information and security events simultaneously.