Vulnerability Description The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software [1]. The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets within government, critical infrastructure, and the private sector have been compromised. Private security firm FireEye has also disclosed…

Enterprise Management Associates and Pulse Secure report that 60% of organizations have accelerated their zero trust projects during the pandemic, while only 15% have slowed down. Image: iStock/vadimrysev Zero trust is a network security model that minimizes risk by applying granular policies and controls to network access and network communications. Zero trust operates via constantly verifying the legitimacy of network communications even inside the network perimeter. Changes in location, device state, security state, behavior, and…

 Like many of you, I spent a lot of time at home this year, but it came with an unexpected upside: an excuse to upgrade all my home tech! With so many great new products on the market, from 5G devices to smart TVs, cameras, and more, there’s a lot to choose from this holiday season, and into the New Year. In fact, the smart home market is set to grow by nearly 12% over…

A cybersecurity expert suggests looking deep below the surface to find the cure for our lack of digital security. Image: iStockphoto/koyso Gregory Conti, Ph.D., senior security strategist at IronNet, in his Federal News Network article Why haven’t we ‘solved’ cybersecurity?, takes on a very difficult subject. To answer his own question, Conti, who gained significant cybersecurity experience working for several US security agencies and West Point, not only offers what he sees as big picture cybersecurity…

Expert pleads with companies to realize they are potential attack victims, no matter their size. TechRepublic’s Karen Roby talked with Marcus Valor, director of strategic threat at Darktrace, about predictions for the future of cybersecurity in 2021. The following is an edited transcript of their conversation. Karen Roby: I have to say Marcus, before we start, it actually sounds like a really cool title with the name Darktrace. All of that just sounds really cool….

Good and bad news for cybersecurity in 2021 Length: 10:50 | Dec 18, 2020 Expert sees improvement in attacks as well as defense technologies. He reminds businesses that all companies are potential targets. Source link

The attacks have reportedly hit the US Energy Department and the Federal Energy Regulatory Commission as well as other vital agencies and companies around the world. Image: Getty Images/iStockphoto State-sponsored hackers who exploited a security hole in a SolarWinds monitoring tool to infiltrate government and business networks have apparently left a long line of victims in their wake. SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)  In an alert published Thursday, the Cybersecurity and Infrastructure…

We are excited to let you know that we have released a new experimental tool. We would love to get your feedback on it. Today we have released an experimental Docker Hub CLI tool, the hub-tool. The new Hub CLI tool lets you explore, inspect and manage your content on Docker Hub as well as work with your teams and manage your account.  The new tool is available as of today for Docker Desktop for…