[ad_1]
Here’s a roundup of some of the most interesting news, articles, interviews and videos from the past week:
Taking cybersecurity investments to the next level
In this interview with Help Net Security, the former Trident Capital leader offers insight into cybersecurity market innovation, M&A activity, venture capital pitching and more.
Microsoft fixes many zero days under attack
November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, the Windows Mark of the Web bypass flaw, and the ProxyNotShell MS Exchange vulnerabilities.
Medibank will not pay the ransom for data stolen in a breach
Australian health insurance provider Medibank has announced it will not pay the ransom to criminals who stole data from 9.7 million of its current and former customers.
Google Play malware delivers banking malware to victims
Android users are often advised to get mobile apps from Google Play, the company’s official app market, to minimize the possibility of downloading malware.
Photos: IRISSCON 2022
IRISSCON, the annual cybercrime conference organized by the Irish Reporting and Information Security Service (IRISS), took place in Dublin, Ireland on Thursday 10 November 2022.
Busting Compliance Myths
In this interview with Help Net Security, Troy Fine, senior manager of cybersecurity risk management at Drata, talks about the challenges of data compliance and what companies need to do to achieve it.
A false sense of security undermines good password hygiene
LastPass has released findings from its fifth annual Password Psychology Report, which reveals that even with increasing cybersecurity education, password hygiene has not improved.
Does your company need secure enclaves? Five questions to ask your CISO
Some of the biggest barriers to cloud adoption are security concerns: data loss or leakage, and the associated legal and regulatory issues with off-site data storage and processing.
Phishing threats are becoming more convincing and evasive
In this Help Net Security video, Tonya Dudley, VP, CISO at Cofense, provides insight into the various changes seen in the phishing threat landscape.
How geopolitical turmoil has changed the cybersecurity threat landscape
ENISA, the EU Cyber Security Agency, has published its annual threat landscape report covering the period July 2021 to July 2022.
The Security Dilemma of Data Growth
As hybrid work becomes the norm in business, so does the proliferation of data. Data sprawl refers to the dispersal of company information that often comes from scattered and unmanaged use of cloud applications.
How to assess and mitigate complex supply chain risks
In this Help Net Security video, Andy Zollo, Regional Vice President EMEA at Imperva, talks about how organizations can assess and mitigate cyber risks within their supply chain.
Security “sampling” puts US federal agencies at risk
Titania has launched an independent research report that reveals the impact of abusive misconfigurations on the security of US federal government networks.
Illuminating the dark web
Dark web markets sell tons of tools, stolen data, and forged documents, and some of the things for sale are priced higher than others.
Estimating your active security budget plugs holes in your security stack
In this Help Net Security video, Pat McGarry, CTO at ThreatBlockr, discusses how enterprise defenders need a way to block advanced threats that pass through their security stack.
How ransomware gangs and malware campaigns are changing
Deep Instinct has released its biannual Cyber Threat Report 2022, which focuses on the top malware and ransomware trends and tactics from the first half of 2022 and provides key takeaways and predictions for the ever-evolving cybersecurity threat landscape.
Red, purple or blue? When it comes to offensive security operations, it’s not just about choosing one color
Organizations often operate under the false impression that they are in control, without any evidence to support that perception. Unfortunately, this illusion is common due to (among other things) the confirmation bias that takes hold in boardrooms and IT departments: “We haven’t had an attack yet, so we must be doing something right.”
Exposing Emotet and its cybercriminal supply chain
In this Help Net Security video, Chad Skipper, Global Security Technologist at VMware, shares insights learned from the latest resurgence of Emotet in hopes that organizations can better understand and protect themselves against this persistent malware.
How can CISOs keep pace with the security demands of their ever-growing networks?
Vulnerability management has always been as much an art as a science. However, rapid changes in both IT networks and the external threat landscape over the past decade have made it exponentially more difficult to identify and remediate the vulnerabilities with the greatest potential impact on the enterprise.
What is software threat modeling and how to use it effectively
In this Help Net Security video, Kevin Delaney, Director, Solutions Engineering at Security Compass, explains what threat modeling is and why it’s important to software development.
Remote work brings video conferencing security to the fore
In this Help Net Security video, George Waller, EVP of Zerify, talks about the rise of remote work and the importance of video conferencing security for organizations of all sizes.
Compliance initiatives can accelerate your organization’s path to security
In this Help Net Security video, Christopher Fielder, CTO at Arctic Wolf, discusses common mistakes organizations make in their compliance journeys.
Personal cybersecurity is now a company concern
In this Help Net Security video, Amir Tarigat, the agency’s CEO, discusses the rise of digital risk to employees. It explores the intersection of personal and corporate cybersecurity and new approaches to managing the new wave of attacks.
Balance reliable online age verification methods with data protection concerns
In this Help Net Security video, Philip Poyntner, Head of Digital Identity at Jumio, discusses Jumio’s age verification survey, which suggests that many parents agree that social media sites need to implement stronger protections.
2FA, 3FA, MFA… What does it all mean?
Simply put, authentication is the act of proving that you are who you say you are. To gain access to protected information, systems or locations, a user must prove their identity by providing specific access credentials.
How micro-VMs can protect your most vulnerable endpoints
When it comes to these cyberattacks, malware remains a major concern. With one click, an infection can wreak havoc on your network, allow hackers to steal critical information, delete files, and destroy your devices.
Cloud Data Security Report 2022
Flow Security’s 2022 Cloud Data Security Report delves into how today’s CISOs are adapting to the growing data security challenges and the issues they are prioritizing to solve.
New Info Products of the Week: November 11, 2022
Here’s a roundup of the most interesting products from the past week, including releases from Acronis, Flashpoint, ImmuniWeb, Lacework, Picus Security and Vanta.
[ad_2]
Source link