Krebs on Security

OCTOBER 12, 2018

— had allegedly inserted hardware backdoors in technology sold to a number of American companies. Sager said he hadn’t heard anything about Supermicro specifically, but we chatted at length about the challenges of policing the technology supply chain. Below are some excerpts from our conversation. TS: Exactly.

Computers and Electronics 229

Computers and Electronics Internet Internet Technology 229

Cisco Security

MARCH 31, 2021

Open architecture: A platform that is proprietary is only half effective when you are leaving out control points, threat intelligence sources, and other critical tools that don’t integrate. Integrated operations: You must be able to do more than see a problem. The days of the primacy of the point solution are over. Cisco SecureX: A refresher.

Technology 114

Technology Architecture Digital transformation Data collection 114

SecureWorld News

JANUARY 17, 2024

National Institute of Standards and Technology (NIST). The report maps out a detailed taxonomy of current adversarial threats to AI systems across different modalities such as computer vision, natural language processing, speech recognition, and tabular data analytics. As adoption accelerates, so too do emerging cybersecurity risks.

Artificial Intelligence 113

Artificial Intelligence Data collection Architecture Healthcare 113

eSecurity Planet

SEPTEMBER 24, 2021

Rapid7 combines threat intelligence , security research, data collection, and analytics in its comprehensive Insight platform, but how does its detection and response solution – InsightIDR – compare to other cybersecurity solutions? Architecture: Identifies network resources and connectivity requirements for agents.

DNS 131

DNS Technology Cybersecurity Data collection 131

CyberSecurity Insiders

SEPTEMBER 29, 2021

Section 40122: Energy Cybersense Program —The Secretary, in consultation with the Secretary of Homeland Security and the heads of other relevant Federal agencies, shall establish an Energy Cyber Sense program to test the cybersecurity of products and technologies intended for use in the energy sector, including in the bulk-power system.

Energy and Utilities 108

Energy and Utilities Cybersecurity Technology Architecture 108

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. It requires a massive architecture overhaul. Related article: SIEMs strive for a comeback.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

eSecurity Planet

OCTOBER 20, 2023

Security Information and Event Management (SIEM): SIEM consolidates log data collecting, processing, and reporting from both cloud and on-premises systems, assisting in the detection and response to security events. Here are some examples of hybrid cloud security architectures.

Backups 120

Backups Firewall Encryption Architecture 120

The Last Watchdog

FEBRUARY 27, 2019

We’re talking about things like consumer data collection, data management platforms and retargeting enablement systems. LW: That’s a huge bucket of technology. The largest bucket is probably targeted advertising and marketing communications technologies. Olson: Take the fulfillment area.

Retail 138

Retail Digital transformation Advertising Software 138

SecureWorld News

JANUARY 4, 2024

From an information security department's perspective, the more data collected on employee actions, the more effectively potential incidents can be investigated. Integration with a customer's existing infrastructure, including other security tools and various cloud technologies , is also crucial.

Data collection 128

Data collection Surveillance Artificial Intelligence Risk 128

Digital Shadows

MARCH 5, 2025

Agentic AI refers to an advanced artificial intelligence architecture designed to perform tasks autonomously. SOC Automation In security operations centers (SOCs), agentic AI plays a crucial role in automating processes and workflows , including alert enrichment, data collection, and contextualization. What Is Agentic AI?

Artificial Intelligence 52

Artificial Intelligence Threat Detection Risk Architecture 52

McAfee

MAY 26, 2021

We have the same massively disruptive opportunity to give hope to the Defender by looking to embed self-learning automated AI systems into our prevention, detection, and response controls, as outlined by the MIT Technology Review discussing security uses for AIOps.

Architecture 93

Architecture Marketing Technology Cybersecurity 93

CyberSecurity Insiders

SEPTEMBER 21, 2021

Modern-day industrial and critical infrastructure organizations rely heavily on the operational technology (OT) environment to produce their goods and services. However, deploying the right technologies can harness all the benefits of a converged operation without increasing the security exposure profile of the organization.

Energy and Utilities 101

Energy and Utilities Threat Detection Manufacturing Technology 101

SecureList

OCTOBER 18, 2023

Like previous generations, it has extensive remote control capabilities over the infected system, has a modular architecture, and provides attackers with the ability to connect to control servers using various protocols, as well as supporting flexible proxy server chains. The last one we named MATA gen.5

Malware 141

Malware Phishing Internet Internet 141

eSecurity Planet

AUGUST 10, 2022

This is one reason organizations across industries and geographies are turning to zero-trust architectures to fortify their security posture. That’s an especially important question given the recent emphasis on the technology – including from the White House. But how effective is zero trust? Zero Trust Security Testing.

Ransomware 132

Ransomware Digital transformation Malware Internet 132

SecureWorld News

APRIL 3, 2023

The origins of Security Data Lake The idea of a Security Data Lake ( SDL) is rooted in the traditional idea of a Data Lake. Its inception was driven by the exponential growth of data and declining storage costs. A Data Lake is a storage repository that keeps vast amounts of data in its original format.

Unstructured Data 98

Unstructured Data Data collection Information Security Backups 98

McAfee

MAY 17, 2021

The background music is driving a suspenseful beat while the antagonist attempts to steal the latest technology from a very favored industry competitor called Rad-X Incorporated. SIEM technologies have been used in security operations for over 15 years for a few reasons. Go Where The Data Is – At the Source.

Architecture 78

Architecture Technology Artificial Intelligence Surveillance 78

Centraleyes

OCTOBER 28, 2024

While the European Union’s GDPR continues to set a high bar, other countries, including Australia, Canada, and Argentina, also implement strict data protection laws. Navigating this global maze of regulations and the operational and technological hurdles that come with it is no small feat.

Data privacy 52

Data privacy Encryption Risk Data breaches 52

SecureWorld News

JUNE 24, 2024

In addition, the risks of monetary and operational damage render it mission critical for enterprises to envision and enact the appropriate People, Process, and Technology safeguards to assure data protection and privacy. Remember, to leverage the trifecta of People, Process, and Technology across the enterprise ecosystem.

IoT 109

IoT InfoSec Artificial Intelligence Risk 109

eSecurity Planet

SEPTEMBER 9, 2024

ICS integrates multiple technologies to ensure continuous and efficient industrial operations. They communicate with the central control system, allowing data collection and remote control over long distances. These networks enable data exchange between PLCs, RTUs, SCADA systems, and HMIs.

Firmware 109

Firmware Encryption Manufacturing Risk 109

Centraleyes

MARCH 25, 2024

Centraleyes collects real-time threat intelligence from various sources, providing unparalleled visibility into potential vulnerabilities and gaps. The platform goes beyond data collection by automatically generating actionable remediation tasks with intelligent prioritization and efficient management.

Risk 111

Risk Data collection Architecture Government 111

Pen Test

DECEMBER 10, 2024

Reverse engineering is the process of deconstructing a product or system to understand its design, architecture, and functionality. Integration with Other Technologies AI can be integrated with other emerging technologies, such as quantum computing and blockchain, to further enhance reverse engineering capabilities.

Engineering 70

Engineering Artificial Intelligence Software Malware 70

eSecurity Planet

JULY 31, 2024

Enhances visibility: Continuous data collection and analysis provide deeper insights into endpoint security, allowing for more effective detection and response. Security tools integration: Work seamlessly with other security applications to improve the overall efficacy of your cybersecurity architecture.

Antivirus 117

Antivirus Threat Detection Malware Software 117

eSecurity Planet

SEPTEMBER 24, 2024

Planning the deployment: Create a deployment plan that considers network architecture, security infrastructure, compatibility, and the resources required for successful integration. Data Collection & Analysis EDR systems systematically collect and interpret endpoint data to get valuable insights into potential risks and patterns.

Antivirus 109

Antivirus Threat Detection Small Business Technology 109

SecureList

NOVEMBER 14, 2023

APT targeting turns toward satellite technologies, producers and operators The only known case of an attack utilizing satellite technologies that happened in recent years was the KA-SAT network hack of 2022. The next WannaCry Fortunately for us, a new cyber epidemic did not happen. Verdict: prediction not fulfilled ❌ 4.

Hacking 139

Hacking Energy and Utilities Media Malware 139

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

Vendors’ attention is increasingly fragmented across various data-collecting and transactional platforms. As if things were not difficult enough, data collection in more states and countries is becoming stricter, with increased consumer protection laws leaving retailers applying tighter data privacy to their digital platforms.

Retail 71

Retail Data breaches Digital transformation Risk 71

McAfee

DECEMBER 15, 2020

The Data Exchange Layer (DXL) technology developed by McAfee is being used by 3000 organizations today and is the transport layer used to share information in near real time. SCAP v2 was derived from the National Institute of Standards Technology (NIST.). Achieve Compliance with Critical Interoperable Communication.

Cyber threats 52

Cyber threats Architecture Technology Data collection 52

eSecurity Planet

MARCH 17, 2023

XDR is often considered an evolution of EDR, moving beyond endpoint data analysis and threat response to look at telemetry data across clouds, applications, servers, third-party resources, and other network components. With DFS, relevant data can quickly be sorted through and brought to light for investigative purposes.

Network Security 120

Network Security Penetration Testing Firewall Software 120

McAfee

DECEMBER 4, 2019

Security architecture is like the ocean: no one owns it, and it is constantly affected by change. New technologies are introduced, staff changes occur, and as a result, communication suffers. In my experience, solving security architecture issues requires a two-pronged approach.

Architecture 52

Architecture Technology Data collection Education 52

Cisco Security

AUGUST 26, 2022

Just like the myriad expanding galaxies seen in the latest images from the James Webb space telescope, the cybersecurity landscape consists of a growing number of security technology vendors, each with the goal of addressing the continually evolving threats faced by customers today. Read more here. Sumo Logic. Read more here.

Firewall 145

Firewall Authentication Passwords Threat Detection 145

Anton on Security

NOVEMBER 17, 2022

Metrics and associated data collection? Finally, “For SREs, simplicity is an end-to-end goal: it should extend beyond the code itself to the system architecture and the tools and processes used to manage the software lifecycle.“ Escalation processes? Workflows that involve other teams? and “is this complexity truly necessary?”

Engineering 100

Engineering Software Data collection Architecture 100

Security Boulevard

NOVEMBER 5, 2024

Vendors’ attention is increasingly fragmented across various data-collecting and transactional platforms. As if things were not difficult enough, data collection in more states and countries is becoming stricter, with increased consumer protection laws leaving retailers applying tighter data privacy to their digital platforms.

Retail 64

Retail Data breaches Digital transformation Risk 64

SecureList

OCTOBER 25, 2023

This architectural approach is a hallmark of APT malware. The modules The malware payload itself is structured as a monolithic binary executable code designed to support pluggable modules to extend or update its functionality. This is the only task that works in the Linux version of the malware.

Malware 145

Malware DNS Encryption Ransomware 145

eSecurity Planet

MARCH 17, 2022

Sonar’s technology is available as a self-managed (SonarQube) or SaaS-based (SonarCloud) solution, and clients can choose between Developer, Enterprise, and Data Center plans. Kibana is a free GUI for organizations working with Elastic’s ELK stack for analyzing and visualizing data from nearly any source. Sonar Features.

Penetration Testing 109

Penetration Testing Software Risk Firewall 109

SC Magazine

JUNE 9, 2021

Still, for all of the cloud’s potential benefits, many organizations have accepted more risk than they may fully realize in part because even as their business and technology portfolios have evolved, their security practices have remained mired in the past.

Risk 53

Risk Data collection Architecture Threat Detection 53

eSecurity Planet

JANUARY 26, 2022

AES-256 encryption for data at rest and TLS v1.2 Assembled by Broadcom subsidiary CA Technologies, DX NetOps offers network visibility and actionable intelligence for monitoring digital user experiences. Administrators can group traffic by container , team, or office and filter data by tag, device, or host.

Marketing 120

Marketing DDOS Threat Detection DNS 120

Centraleyes

MARCH 25, 2024

Every month, the National Institute of Standards and Technology (NIST) adds over 2,000 new security flaws to its National Vulnerability Database. The tool may work with various third-party technologies, such as ticketing systems, patch management solutions, and SIEM tools. And it’s only getting worse.

Antivirus 52

Antivirus Firewall Risk Software 52

Security Boulevard

NOVEMBER 17, 2022

Metrics and associated data collection? Finally, “For SREs, simplicity is an end-to-end goal: it should extend beyond the code itself to the system architecture and the tools and processes used to manage the software lifecycle.“ Escalation processes? Workflows that involve other teams? and “is this complexity truly necessary?”

Engineering 64

Engineering Software Data collection Architecture 64