At least they are admitting it. DoD is already doing part of this; the UK is going all in. In an unusually candid admission, the UK government acknowledged that its years-long approach to its own cybersecurity was flawed and warned it will be impossible to meet a previous target of securing all government organizations by […]
Continue reading → [DISPLAY_ACURAX_ICONS]Cybersecurity firm Cyberark says that “non-human” identities outnumber human identities by more than 80 to 1. This includes machine identities and AI identities. Riddle me this: If you have a compromise (or think you do) and you see the “user” is Joe but Joe is logged into 20 virtual machines and has 50 AI driven […]
Continue reading → [DISPLAY_ACURAX_ICONS]This is a tale of three firewall vendors: Cisco, Checkpoint and Fortinet and their security challenges. First, even though we likely think of a firewall as a piece of hardware, in reality, it is just a specialized computer – think of it as the original Internet of Things device – that runs a lot of […]
Continue reading → [DISPLAY_ACURAX_ICONS]You may have heard of the Chinese cyberattack on American telecommunications giants like AT&T, Verizon and Lumen (AKA Qwest or US West). Between 2019 and AT LEAST 2024, they had free reign to listen in to conversations like Trump, Kamala Harris and millions of ordinary people, but the scope is getting much bigger. While the […]
Continue reading → [DISPLAY_ACURAX_ICONS]SBOMs or Software Bills of Material are a way to let customers know what is in your software – kind of like the list of ingredients in food. The feds came out with an initial SBOM guideline in 2021 and have been working on it since then. Different people have different takes on SBOMs from […]
Continue reading → [DISPLAY_ACURAX_ICONS]Hackers are targeting messaging apps using commercial spyware, CISA warned earlier this week. They said: Multiple threat actors have used “sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app,” which then lets them deploy additional malware and acquire deeper access to the target’s phone, CISA said in […]
Continue reading → [DISPLAY_ACURAX_ICONS]