HackDig : Dig high-quality web security articles for hackers

Apple Acquires Device Management Company Fleetsmith

Apple has acquired Fleetsmith, a San Francisco-based company that specializes in solutions designed to help organizations manage the Apple devices used by their employees.Fleetsmith’s enterprise device management solution automates setup, patching, intelligence and security for Macs, iPhones, iPads and Apple TV devices.“We’re thrilled to join Apple. Our shar
Publish At:2020-06-25 09:09 | Read:136 | Comments:0 | Tags:Mobile Security Network Security NEWS & INDUSTRY Securit

Microsoft Defender ATP Gets UEFI Scanner

Microsoft has extended the protection capabilities of Microsoft Defender Advanced Threat Protection (ATP) with the addition of a Unified Extensible Firmware Interface (UEFI) scanner.With hardware and firmware-level attacks increasing in frequency over the past several years, Microsoft has decided to expand its security solution’s capabilities to ensure it ca
Publish At:2020-06-18 14:15 | Read:148 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

New Security Tech in Intel CPUs Protects Systems Against Malware Attacks

Intel on Monday unveiled a new security technology for its processors that will help protect systems against attack methods commonly used by malware.The new Control-Flow Enforcement Technology (CET), which is built into the hardware microarchitecture, will initially be available in the upcoming Tiger Lake mobile processors, but the tech giant plans on includ
Publish At:2020-06-15 13:39 | Read:125 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Ap

Zoom Not Offering End-to-End Encryption to Free Users to Help Law Enforcement

Zoom’s chief executive revealed on Tuesday that free users will not be offered end-to-end encryption as the company wants to assist the FBI and local law enforcement in their investigations.Zoom’s popularity has increased significantly since the start of the COVID-19 pandemic due to many people being forced to work and study from home. This popularity has al
Publish At:2020-06-03 15:57 | Read:249 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Risk Management Security Archite

Why You Need to Put Your Security to the Test

We’re all familiar with the expression ‘Trust but verify.’ Unfortunately, when it relates to protecting their networks, most organizations rely on trust but don’t verify that their security solutions are working as they should. A recent survey (PDF) of security operations effectiveness found that just 37 percent of security professionals have hard evidence t
Publish At:2020-04-13 12:05 | Read:414 | Comments:0 | Tags:INDUSTRY INSIGHTS Security Architecture Security Infrastruct

Microsoft Launches Free Zero Trust Assessment Tool

Microsoft last week announced the availability of a tool designed to help organizations see where they are in their journey to implement a zero trust security model.Nupur Goyal, senior product marketing manager at Microsoft, told SecurityWeek that the tool is free and available to anyone.“Our assessment tool will help orgs assess readiness across identities,
Publish At:2020-04-06 15:56 | Read:386 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Security Architect

Microsoft Trials Election Security Solution in Wisconsin

Microsoft representatives are in Fulton, Wisconsin, on Tuesday to conduct the first real-world trials for ElectionGuard, the company’s open source election security solution.Introduced in May 2019, the free software development kit (SDK) was created in collaboration with Galois, aiming to provide end-to-end verification of elections. Moreover, the tool opens
Publish At:2020-02-18 12:14 | Read:514 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Audits Security Arc

Firefox 74 Will Disable TLS 1.0 and TLS 1.1 by Default

Beginning March, when Firefox 74 is set to arrive in the release channel, Mozilla will disable older Transport Layer Security (TLS) protocol versions as default options for secure connections.An improvement over the Secure Sockets Layer (SSL) protocol, TLS is meant to improve the security of the Web, but flaws and weaknesses in older iterations, specifically
Publish At:2020-02-11 11:26 | Read:466 | Comments:0 | Tags:NEWS & INDUSTRY Security Architecture Data Protection Ma

Devices Still Vulnerable to DMA Attacks Despite Protections

Many devices, including ones often found in enterprise environments, are likely still vulnerable to direct memory access (DMA) attacks, despite the fact that hardware and software vendors have implemented protections that should prevent such attacks, firmware security company Eclypsium said on Thursday.DMA is designed to allow hardware components or peripher
Publish At:2020-01-30 10:15 | Read:674 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Evolution of OpenSSL Security After Heartbleed

OpenSSL has evolved a great deal in terms of security since the disclosure of the Heartbleed vulnerability back in 2014.OpenSSL, an open source library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, is widely used by organizations to protect communications.In April 2014, the world learned that OpenSSL was affecte
Publish At:2019-12-26 10:15 | Read:927 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Identity & Access Sec

Tips to Help MSSPs Choose a Threat Intelligence Partner

As small and medium-sized businesses (SMBs) increasingly recognize that a reactive security posture is no longer sufficient for protecting their networks, managed security service providers (MSSPs) that cater to SMBs face both an immense opportunity and a considerable challenge.The opportunity is for MSSPs to harness the growing demand among SMBs for proacti
Publish At:2019-12-16 12:00 | Read:865 | Comments:0 | Tags:INDUSTRY INSIGHTS Security Architecture

Researchers Warn of New Cache-Poisoned DoS Attack Method

A group of security researchers from German universities has devised a new class of web cache poisoning attacks that could render victim services unreachable.The cache is meant to reduce the volume of network traffic through the reuse of HTTP responses and helps applications scale at large, in addition to providing protection against denial-of-service (DoS)
Publish At:2019-10-24 22:15 | Read:974 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Cloud Security Security

Tech, Security Firms Launch Operational Technology Cyber Security Alliance

Several major tech and cybersecurity companies have joined forces for a new initiative called the Operational Technology Cyber Security Alliance (OTCSA), which aims to help industrial and critical infrastructure organizations address challenges related to OT security by providing guidance and resources.Founding members of OTCSA include equipment manufacturer
Publish At:2019-10-23 10:15 | Read:1278 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Risk Management Security Arc

Microsoft Invests in Securing Device Firmware

Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer.The initiative aims to combat threats that are specifically targeting the firmware and operating system levels with the help of Secured-core PCs, devices that apply security best practices to firmware.These devices, the technology giant explain
Publish At:2019-10-22 22:15 | Read:997 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Cybersecurity Firms Partner on Open Source Security Technology Development

A group of cybersecurity companies this week announced the Open Cybersecurity Alliance (OCA), a joint effort focused on the development of open source security technologies.Established with initial open source contribution from IBM Security and McAfee and formed under the OASIS (Organization for the Advancement of Structured Information Standards) internatio
Publish At:2019-10-09 12:00 | Read:1006 | Comments:0 | Tags:NEWS & INDUSTRY Security Architecture Security Infrastru


Share high-quality web security related articles with you:)