CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
For many cybercrime investigators, it's all about indicators of compromise - evidence that a crime has occurred. But what if you were to shift toward cataloging behaviors that could indicate an attack is ongoing or imminent? Sam Curry of Cybereason explains the IoB concept.
The "zero trust" network architecture model is 10 years old - and suddenly more relevant than ever. How does John Kindervag, the creator of zero trust, feel about his "baby" today, and what advice does he give to organizations looking to adopt the model?
As countries pursue national 5G rollouts, an unwanted security challenge has intensified: Some extremists have been vandalizing or even firebombing transmitter masts, driven by conspiracy theories suggesting not only that 5G poses a public health risk, but that it also helps cause COVID-19.
Enterprises long have practiced workforce identity and access management, but increasingly they are rolling out customer IAM, or CIAM. What's driving the trend, and where should cybersecurity leaders look to assert influence? Keith Casey of Okta explores some CIAM myths and realities.
One measure of the popularity of the Zoom teleconferencing software: Cybercrime forums are listing an increasing number of stolen accounts for sale, which attackers could use to "Zoom bomb" calls and push malicious files to meeting participants. Security experts describe essential defenses.
Can you "big tech" a way out of a pandemic? Many governments around the world are trying, and Australia is joining the herd with a contact tracing app. But Australia has a splotchy record of large government tech projects, including in health, that may result in low voluntary adoption of an app.