The Need for Chief Risk Officers | 2021-02-05 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website…
Read More
Developing a risk-based cybersecurity approach | 2021-02-05 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website Uses…
Read More
Cybercrime on the rise: Plotting a way forward | 2021-02-05 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. …
Read More
Affected by a Data Breach? Here Are Security Steps You Should Take We share personal information with companies for multiple reasons: to pay for takeout at our favorite restaurant, to check into a hotel, or to collect rewards at the local coffee shop. While using a credit card is convenient, it actually gives away more personal data than we may realize. ShinyHunters Breach Last week, the hacker, ShinyHunters, leaked information from companies including Pixlr.com, Bonobos.com,…
Read More
Jack Wallen walks you through the manual process of installing ModSecurity for NGINX on Ubuntu Server 20.04. Image: iStock/sdecoret ModSecurity is the most widely-used and respected web application firewall for open source web servers. It can be used with both Apache and NGINX to provide protection from a number of HTTP attacks (such as SQL injections and cross-site scripting) against web-based applications like WordPress and Nextcloud. In other words, this module should be considered a…
Read More
The Big 8: How to heighten cybersecurity governance | 2021-02-04 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. …
Read More
5 reasons why Active Directory is the CISO’s Achilles heel | 2021-02-04 | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn…
Read More
As a risk professional, when I look across the various organisations that I have worked with, one thing is clear: Risk is either embraced and used to drive smart decision making, or it is seen as a huge blocker for progress that must be avoided at all costs! When risk management is understood, it can really be used to drive a technology department into the future, and at progressive speed. Appetite vs. tolerance vs. threshold –…
Read More
SonicWall releases a patch after researchers confirm exploitation of a zero-day vulnerability in SonicWall Secure Mobile Access Background On January 22, SonicWall published a product notification regarding a “coordinated attack on its internal systems” conducted by “highly sophisticated threat actors.” SonicWall believed the attackers had exploited “probable zero-day vulnerabilities” in specific SonicWall products used for remote access. As they continued with their investigation, they provided additional updates into the root cause of the attack, primarily…
Read More
America’s National Cyber Investigative Joint Task Force (NCIJTF) has released a new joint-seal fact sheet in a bid to raise public awareness about ransomware. The sheet was created to publicize both the current threat posed by this particular type of malware and detail the United States government’s response. In addition, the document describes common infection vectors, tools for attack prevention, and who to contact in the event of a ransomware attack. To produce the sheet, the NCIJTF…
Read More
Introduction Cloud computing services have grown exponentially in