Security researchers targeted by North Korean hackers

Over the past few months, hackers have been trying to surreptitiously backdoor the computer systems of a number of security researchers working on vulnerability research and development at different companies and organizations, the Google Threat Analysis Group (TAG) has revealed on Monday. The hackers’ tactics The hackers, who Google TAG believes are backed by the […]

Continue Reading

How secure configurations meet consensus

Have you ever wondered how technology hardening guidelines are developed? Some are determined by a particular vendor or driven by a bottom-line perspective. But that’s not the case with CIS Benchmarks. They’re developed by the Center for Internet Security (CIS) and the only consensus-developed security configuration recommendations both created and trusted by a global community […]

Continue Reading

How do I select a data encryption solution for my business?

It is a mathematical certainty that data is more protected by communication products that provide end-to-end encryption (E2EE). Yet, many CISOs are required to prioritize regulatory requirements before data protection when considering the corporate use of E2EE communications. Most Fortune 1000 compliance and security teams have the ability to access employee accounts on their enterprise […]

Continue Reading

How much is a vulnerability worth?

As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new talent in search of the big bucks, but here is a question that begs to be answered: how much is a vulnerability worth? I have previously found several bugs […]

Continue Reading