Making Zero-Day Flaws Disappear
Compliance
Compliance Twitter Get Permission
Maddie Stone, a security researcher with Google Project Zero, speaks on Friday at the AusCERT computer security conference.
This year is on track to be a record one for zero-day vulnerabilities, the term for software flaws that are being actively exploited in the wild and do not have a fix.
About 21 have been discovered so far, and if that pace continues, the year could end with more than 60, says Maddie Stone, a security researcher with Google s Project Zero bug hunting team. That compares with 24 zero-day flaws found all of last year. Why such big growth?
GovInfoSecurity
Compliance Twitter Get Permission
Ciaran Martin, former director of the U.K. National Cyber Security Center, spoke Thursday at the AusCERT computer security conference.
To defend against cyberattacks, it s important to demystify cybersecurity and break it into risks that can be managed by any organization, says Ciaran Martin, the former director of the U.K. National Cyber Security Center.
In a Thursday keynote speech at the AusCERT computer security conference in Australia, Martin, now a professor at Oxford University, said the notion that cyber incidents can t be stopped is false.
In the case of the Colonial Pipeline ransomware attack in the U.S., the picture emerging is one of criminals in over their heads, he said. The DarkSide group and its affiliates consistently exploit basic weaknesses in corporate security, he points out (see
GovInfoSecurity Twitter LinkedIn
Rising security breaches and sophisticated cyberattacks across enterprises and critical industries in the Middle East and the government s stringent regulations drive the need for new technologies and frameworks.. Middle East organizations are now supporting a 100% remote workforce and embracing cloud, mobile, and edge computing. The increased adoption of Cloud and its inherent challenges necessitates rewriting the cybersecurity framework s principles with zero trust to develop the security architecture and redefining the role-based access control strategies and privacy regulations.
Join experts from the ISMG community at our virtual summit to learn how to best adapt and balance productivity, accessibility and security.
By GCN Staff
Apr 12, 2021
Kentucky is planning to equip all the commonwealth’s 120 county clerks with Yubikey devices to enable two-factor authentication that will better protect the state’s voter registration system from unauthorized access.
Users insert a Yubikey token into the USB ports on their laptops and touch its button to verify they are a local human user and not a remote hacker.
The Yubikeys will be made available thanks to a federal grant obtained via a joint partnership of the Kentucky Secretary of State, the mayor of Lexington, Ky., the Kentucky Office of Homeland Security and the U.S. Department of Homeland Security.
Researchers at the University of California, Berkeley ranked nine technologies according to technical vulnerability, attractiveness to nation-state attackers and potential impact of a successful attack.