What Cybersecurity Can Learn From Video Games | ATT&CK v9 Introduces Containers, Google Workspace
  Your SecurityWeek Briefing Webcasts
RSS Feed
05.04.21


Tuesday, May 04, 2021

Splly Chain Security Webinar

2021 State of Cloud Native Application Security

Do you have a cloud native security strategy? Learn how cloud native adoption has changed the threat landscape & what organizations are doing about it.

Learn More



What Cybersecurity Can Learn From Video Games
Each year we see more vendors with technology solutions and buzzwords that rarely live up to their hype and customers willing to believe or gamble for the chance at more visibility, lower business risk, or the chance to close a security gap.
Read the Full Column
by Rob Fry



The Anti-Fraud Lifecycle
Fraudsters will determine who to target within the industry based on each service’s fraud prevention policies and maturity, rather than generally targeting the industry.
Read the Full Column
by Idan Aharoni



Effective Security Needs to See and Interrupt Every Step in an Attack Chain
The best defense in depth strategy is one that enables multiple tools, deployed across the distributed network—including endpoints, clouds, and applications—to work as a unified solution to detect and respond to threats.
Read the Full Column
by John Maddison


Today's Security Trap: Increasing Spending but Not Efficacy
Despite the long-standing belief that deploying more security solutions will result in greater protection against threats, the truth of the matter can be very different.
Read the Full Column
by Torsten George



Reveal: The First Pillar of Industrial Cybersecurity
Companies in the industrial space face unique challenges when it comes to revealing what needs to be secured.
Read the Full Column
by Yaniv Vardi





As You Modernize Your SOC, Remember the Human Element
As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Read the Full Column
by Marc Solomon



Targeting Remote Learning: Defending Against Cyberattacks in our Schools
School network administrators should be taking precautions to prepare for the new challenges of the upcoming academic year.
Read the Full Column
by Laurence Pitt




The Growing Need for a New Security Platform
There is really nothing to be gained by micromanaging talented employees. While it can be a difficult transition from individual contributor to manager, it is worth taking the time to avoid slipping into micromanagement.
Read the Full Column
by Joshua Goldfarb



Splly Chain Security Webinar

2021 State of Cloud Native Application Security

Do you have a cloud native security strategy? Learn how cloud native adoption has changed the threat landscape & what organizations are doing about it.

Learn More




See All Recent Articles at SecurityWeek.Com

Gaping Security Holes Flagged in Exim Mail Server: Researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors. Read More

High-Severity Dell Driver Vulnerabilities Impact Hundreds of Millions of Devices: Dell patches high-severity vulnerabilities affecting a driver that is present on hundreds of millions of devices. Read More

New Variant of Buer Malware Loader Written in Rust to Evade Detection: A new variant of the Buer malware loader written in Rust has been detected, which could help the threat evade anti-malware detections that are based on features of the malware written in C. Read More

Trend Micro Unveils New OT Endpoint Security Solution Made by TXOne: Trend Micro announces a new endpoint security solution developed by TXOne Networks for operational technology (OT) environments. Read More

Acronis Raises $250 Million at $2.5 Billion Valuation: Cyber protection solutions provider Acronis has raised another $250 million at a valuation of $2.5 billion. Read More

ATT&CK v9 Introduces Containers, Google Workspace: Version 9 of the ATT&CK framework introduces techniques related to containers and Google Workspace, as well as other changes. Read More

Apple Warns of New Zero-Day Attacks on iOS, macOS: Apple’s problems with zero-day attacks continued this week with news of another mysterious in-the-wild compromise on iPhones and macOS devices. Read More

Alaska Court System Briefly Forced Offline Amid Cyber Threat: The Alaska Court System has temporarily disconnected most of its operations from the internet after a cybersecurity threat on Saturday, including its website and removing the ability to look up court records. Read More

Pulse Secure Ships Belated Fix for VPN Zero-Day: The embattled VPN vendor provides cover for CVE-2021-22893, a major security flaw being exploited by advanced threat actors. Read More

Cybersecurity M&A Roundup: 31 Deals Announced in April 2021: Tens of cybersecurity mergers and acquisitions were announced in April 2021, including by Atos, Mastercard, Rapid7, Thoma Bravo and Accenture. Read More

Tesla Car Hacked Remotely From Drone via Zero-Click Exploit: Researchers show how Tesla cars could have been hacked remotely, from a drone, without any user interaction. Read More

NSA Issues Guidance on Securing IT-OT Connectivity: The NSA has released a cybersecurity advisory focusing on the security of operational technology (OT) systems, particularly connectivity to IT systems. Read More

Effort to Protect Consumer Data Privacy Stalls in Florida: A campaign by Gov. Ron DeSantis to help Floridians regain ownership of the troves of data that companies collect came to a halt, when state lawmakers could not agree on how tightly to limit how Big Data harvests and uses people’s information. Read More

Unknown Chinese APT Targets Russian Defense Sector: Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector. Read More

Task Force Calls for Aggressive US 'Anti-Ransomware' Campaign: A task force from the Institute for Security and Technology recommends a comprehensive framework for preparing for, disrupting, and responding to ransomware attacks. Read More

Contract Tracing Breach Impacts Private Info of 72K People: Employees of a vendor paid to conduct COVID-19 contact tracing in Pennsylvania may have compromised the private information of at least 72,000 people, including their exposure status and their sexual orientation. Read More

Security Operations and Management Startup StrikeReady Emerges From Stealth: The company’s platform is designed to help security teams quickly respond to incidents and defend against threats. Read More

SonicWall Zero-Day Exploited by Ransomware Group Before It Was Patched: Over the past half a year, the advanced threat actor was observed using multiple malware families and aggressively pressuring victims into paying the ransom. Read More





To help make sure the SecurityWeek Briefing reaches you, please add news@securityweek.com to your address book.

© 2021 Wired Business Media