Hackers behind a campaign of deceptive sweepstakes spam hacked their way into Azure cloud accounts that lacked multifactor authentication and obtained admin privileges for Exchange servers. Microsoft advises turning on MFA and other measures such as conditional access.
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
Silicon Valley-based startup Fortanix is looking to capitalize on the growing demand for security and encryption across on-premises data centers and major cloud providers through a recently completed $90 million Series C round of funding led by Goldman Sachs' equity arm.
The traditional security monitoring architecture has been troubling security teams with data silos, performance issues, and delays in retrieving archived data for years. Many analysts who continue to operate with the antiquated SIEM architecture stack also experience a high volume of alerts—with many false...
In this episode of "Cybersecurity Unplugged," U.S. Air Force Chief Software Officer Nicolas M. Chaillan, a former DHS and DOD adviser, shares his opinions about the government's handling of DevSecOps and cybersecurity, where progress is being made and where more work needs to be done.
Organizations must think differently about how to detect adversaries in the cloud rather than merely shifting their on-premises controls. Combining Carbon Black's insights into the endpoint with NSX's ability to see network connections has allowed VMware to more effectively spot lateral movement.
The sale of Tufin to Turn/River Capital will accelerate the network management firm's move from a perpetual to subscription-based licensing model, says CEO Ruvi Kitov. The deal will give Tufin access to Turn/River Capital's knowledge, best practices and playbooks around subscription licensing.
Zero Trust is moving away from being just an aspirational goal to an adversary-focused approach to stopping modern attacks like ransomware and supply chain threats. The rapidly evolving adversarial tactics and techniques mean that they could enter your network using compromised endpoints, identities and cloud...
No secret: Public cloud provides the technical catalyst to the healthcare industry’s modernization and the keys to the kingdom in terms of globalization. The resulting access to usable swaths of data is invaluable - and high-risk. ClearDATA's Chris Bowen weighs in on mitigating the risks.
With VMware's updated network virtualization platform, users can launch an entire workload with a single click without having to open a ticket. VMware says the platform enhances east-west network traffic security to stop attackers' lateral movement, simplifies multi-cloud security and lowers costs.
Legacy appsec scanners don’t protect APIs. Some niche appsec tools may cover a small portion of them, but typically only scan API documentation. This is simply not enough to find and fix API vulnerabilities, early in pre-prod, and throughout the software development lifecycle (SDLC).
With Traceable’s API...
Security maturity in development teams should be a continuous cycle of improvement with realistic goals along the way. As development teams increase their security maturity, they reduce the amount of rework and minimize risk while also allowing automation to help create efficiency in the SDLC.