Microsoft Office 365 a Major Supply Chain Attack Vector
Performance issues are not the only concern users have about Microsoft Office 365 and Azure cloud services: the office productivity suite also represents a major threat vector and an attractive target for network and supply chain attacks. On a quantitative level, Office 365 draws over 250 million active users, according ... Read More
3 Takeaways from Sandworm Hacker Group’s Indictment
The U.S.Department of Justice officially revealed in October what it said were a number of instances of Russian government-sponsored hacking when it formally indicated six members and officers in Russia’s military agency Russian Main Intelligence Directorate (GRU). In addition to naming the members of the hacker group, it was also ... Read More
Is ‘Secure Immutable Infrastructure’ a Myth?
The trend to shift left for security, when done right, has generated some positive results. As software development teams seek to deploy software at faster speeds, security teams have concurrently been tasked with making sure that compliance is met and that code is secure in such a way that software ... Read More
Russia’s Political, Legal Climate Raises Red Flags
Security professionals obviously are aware of the need to keep up with the latest threats, while concerns about specific geographic regions are usually just a subset of things to keep in mind. However, Russia-based risks should be on security teams’ radar screens, especially those doing business in or with enterprises ... Read More
Study: Organizations Still Don’t Get Mobile Security
When it comes to the security of their mobile applications, it seems organizations are still not getting it. Even when they are able to check off security compliance checklists and remain compliant on paper, evidence shows a preponderance of gaping holes in many organizations’ security nets—with the obvious and implicit ... Read More
Security Startup Boldly Claims ‘No False Positives’
Startup K2 Cyber Security says its cloud workload security platform it unveiled today offers attack detection in real time with no false positives, regardless of an application’s patch status. Additionally, its identity-based segmentation with cryptography prevents the lateral movement of threats, Pravin Madhani, CEO and co-founder of K2 Cyber Security, ... Read More