Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
The growing demand for innovation has accelerated implementations of automated software development pipelines whilst driving open source consumption to new heights.
For the fifth anniversary of this report, Sonatype collaborated with Gene Kim from IT Revolution, and Dr. Stephen Magill from Galois and MuseDev. ...
Connected devices - the sheer number of them and the scale of the cybersecurity risks they pose - are a top concern in 2020 and beyond, says Robert Falzon of Check Point Software Technologies, who weighs in on the threats and technologies he's watching.
5G is coming, and with it comes the promise of connectivity on an unprecedented scale. And then there are the security concerns about infrastructure, connected devices and a new multifaceted attack surface. Olivera Zatezalo of Huawei Technologies Canada discusses these concerns.
Microsoft's Remote Desktop Protocol is one of the most widely used utilities for connecting to remote machines. But it poses risks if organizations don't actively monitor how it's used, says Chris Morales of the security firm Vectra.
Unstructured data stores - text documents, excel spreadsheets, emails, pdfs and more - store untold volumes of personal and customer data. And as privacy and data protection regulations like the GDPR, CCPA, and NYDFS come into the spotlight, it's more important than ever to implement a privacy-centric approach to data...
A bipartisan group of lawmakers has introduced a bill to help U.S. telecommunications providers "rip and replace" any Chinese-built networking equipment. The move comes as many experts warn that using Huawei or ZTE 5G equipment poses an unacceptable national security risk.
With all of the tools deployed for endpoint detection and response, enterprises today are often overwhelmed by threat intelligence, says J.J. Thompson of Sophos. To alleviate "analysis paralysis," Sophos has just launched its Managed Threat Response service. Thompson details its offerings.With all of the tools...
A security researcher has uncovered what may rank as one of the most significant iOS weaknesses ever discovered: a flaw that enables bypassing the security protections present in most Apple mobile devices. While the vulnerability can't be patched, an attacker would need physical access to exploit it.
Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security. That's why the European Banking Authority should act quickly to develop a new timeline.
In today's security environment, organizations have to realize that attackers are likely inside a company's environment already - no matter how well they're protected. As a result, security programs are now more proactive with analysts actively searching for the hackers that defeated their defenses.
Effective detection and response to persistent threats requires obtaining ongoing, comprehensive endpoint visibility. This can make developing and executing an effective endpoint security program exceptionally difficult due to the impact it can have on user experience.
Download this white paper to learn more about...
Expectations of online businesses have never been higher. Customers expect personalised experiences and high platform security, while demanding more streamlined registration processes. And if they don't get them, they'll take their business elsewhere.
Resultantly, businesses are experiencing a profound tension. How...
APT groups that are backed by the Russian government rarely share code with each other, fostering a competitive landscape, according to a new report. This shows that Russia is willing to push the limits of its sophisticated cyber capabilities, researchers conclude.