It's time for a new approach to application security
While applications have moved to-cloud and users are accessing them from everywhere, the way enterprises provide secure access to apps has largely remained unchanged. Teams in the midst of a cloud transformation must ensure that their applications remain secure no...
Ten years since he coined the term "zero trust," John Kindervag, field CTO of Palo Alto Networks, sees CISOs increasingly being faced with the challenge of having to implement the "never trust, always verify" model across increasingly complex IT environments, including cloud and IoT.
Vulnerability management is about more than scan-and-patch. Scanners fall short in their ability to consider existing solutions - and past investments in - security controls, and fail to identify the riskiest vulnerabilities and best actions.
Download the e-book to get the details on Skybox's unique approach to...
You can't protect what you can't see. But that's the challenge facing many security programs today - limited visibility of the attack surface, decentralized management of a heterogeneous environment, and plenty of data but little context.
That's why Skybox has packed a powerhouse of solutions into our product suite...
Most security breaches today are not the result of zero-day attacks, but exploitation of security issues such as misconfigured firewalls and ineffective vulnerability management strategies.
Download the e-book to learn how Skybox uses intelligent automation to simplify and improve the management of security policy,...
Security depends on visibility. Skybox provides the industry's most comprehensive visibility of physical IT, multi-cloud and operational technology (OT) networks, including: assets, network topology, security controls, vulnerabilities and threats.
Download this solutions guide to understand how Skybox can:
Make...
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.
As cyberattacks increase in sophistication and penetrate networks with higher frequency and effectiveness, security professionals are expressing growing concerns about being able to quickly detect and stop in-network threats from both internal and external threat actors.
The growing number of these cyberattacks have...
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
How do you know if you are protecting your real-time communication networks from unwanted calls coming in that appear to be valid, but in fact they are malicious attempts to tie up communication applications such as IVRs or PBX trunks with long call duration times?
Telephone Denial-of-Service (TDoS) attacks are...
Companies of all sizes are implementing VoIP solutions to better support globalized business and mobile workforces. VoIP adoption isn't showing any signs of slowing down, but implementation and management aren't without challenges.
Telephony infrastructures are subject to call diverting, rerouting, and...
Many ransomware-wielding attackers continue to hack into organizations via remote desktop protocol. But some Sodinokibi ransomware-as-a-service affiliates have shifted instead to targeting victims via botnets, saying hackers' use of RDP exploits has grown too common.
Sodinokibi/REvil appears to be making millions since it seized the ransomware-as-a-service mantle from GandCrab earlier this year. Security firm McAfee says up to 40 percent of every victim's ransom payment - average: $4,000 - gets remitted to the Sodinokibi actor, with "affiliates" keeping the rest.
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
