A partial view of a factory complex is seen

(Photo by Aaron J. Thornton/Getty Images for Industrious Labs)

CVSS 4.0 keys-in on threat intelligence metrics and OT, ICS and IoT

Steve ZurierNovember 2, 2023

The Forum of Incident Response and Security Teams (FIRST) published CVSS 4.0 with an eye toward delivering finer granularity around threat intelligence metrics.

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Endpoint/Device Security

Mozi botnet goes dark under mysterious circumstances

Simon HenderyNovember 2, 2023

Researchers speculate that Chinese authorities may be responsible for turning off one of the internet’s most prolific IoT botnets.

(Photo by Sebastian Gollnow/picture alliance via Getty Images)

Security Staff Acquisition & Development

AI gives security pros employment jitters, study says

Stephen WeigandNovember 2, 2023

Respondents in an ICS2 workforce study expect the combination of economic uncertainty, a workforce skills gap and emerging technology to lead to a decrease in cybersecurity hiring.

Endpoint/Device Security

Citrix NetScaler bug protection: Close all active sessions, says Mandiant

Steve ZurierNovember 1, 2023

Critical 9.4 vulnerability lets attackers steal the token of recently connected users, allowing the attacker to gain access to whatever resources the user has permissions to access in Citrix.

Cloud Security

Cloud security still a challenge as 1 in 4 companies cite skills gap

Steve ZurierNovember 1, 2023

While cloud security investments are starting to pay off, respondents to a CyberRisk Alliance survey say their organizations still face skills gaps and lack visibility into the cloud.

Patch/Configuration Management

ServiceNow misconfiguration went unexploited, but still cause for concern

Steve ZurierOctober 31, 2023

In one sampling, Adaptive Shield reported that only 1% of 5,000 vulnerable companies are still exposed.

Risk Assessments/Management

Transform cybersecurity with process mining

SC StaffOctober 31, 2023

Gutsy’s cofounder discusses the use of the data science of process mining into cybersecurity.

A SolarWinds sign sits on top of an office building.

Supply chain

SEC charges SolarWinds, CISO with fraud in 2020 supply chain attacks

Simon HenderyOctober 31, 2023

The SEC alleges SolarWinds and CISO Tim Brown defrauded investors by not disclosing security risks ahead of the 2020 Orion Sunburst attacks.

President Joe Biden sits at a table on a stage to sign an executive order while Vice President Harris applauds.

AI benefits/risks

Cyber pros praise Biden executive order on artificial intelligence

Steve ZurierOctober 30, 2023

The new EO seen as a response to growing concern over the potential risks around AI and how to best reap the benefits while also delivering security.

CVSS 4.0 keys-in on threat intelligence metrics and OT, ICS and IoT

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

How cars have become the biggest threat to privacy

When companies make everything a priority, nothing’s a priority

The case for container-based firewalls

The 5 Cs of effective cyber defense: Beyond traditional technical skills

Why rookie hackers are capitalizing on ransomware

In Brief

SEC indictment against SolarWinds CISO worries cyber leaders

Malicious link shortening service for cybercrime identified

Active exploitation of F5 BIG-IP vulnerability underway

Significant data compromise possible with new Atlassian Confluence bug

US, others commit against ransomware payments

More Resources

Ransomware attacks are getting faster: How to adjust incident response plans accordingly

Ransomware gangs take less than a day to breach Microsoft Active Directory. Here’s what to do

PCI DSS 4.0: Things to do by March 2024

Endpoint security: How to protect end users from themselves

Survey: Not all endpoints are observed equally. How to strike a better balance

Mozi botnet goes dark under mysterious circumstances

AI gives security pros employment jitters, study says

Citrix NetScaler bug protection: Close all active sessions, says Mandiant

Cloud security still a challenge as 1 in 4 companies cite skills gap

ServiceNow misconfiguration went unexploited, but still cause for concern

Transform cybersecurity with process mining

SEC charges SolarWinds, CISO with fraud in 2020 supply chain attacks

Cyber pros praise Biden executive order on artificial intelligence

EVENTS

Optimizing AppSec: A Deep Dive into ASPM’s Risk-Based Approach

Survive or sink? The before, during and after of a ransomware attack

Ransomware: Designing a Strategic Detection and Response Plan

Cyber threat Intelligence: Making sense of a chaotic world

Network security in 2024: What has changed in the era of cloud computing, and how to adapt

Cybersecurity News, Awards, Webinars, eSummits, Research

CVSS 4.0 keys-in on threat intelligence metrics and OT, ICS and IoT

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

How cars have become the biggest threat to privacy

When companies make everything a priority, nothing’s a priority

The case for container-based firewalls

The 5 Cs of effective cyber defense: Beyond traditional technical skills

Why rookie hackers are capitalizing on ransomware

In Brief

SEC indictment against SolarWinds CISO worries cyber leaders

Malicious link shortening service for cybercrime identified

Active exploitation of F5 BIG-IP vulnerability underway

Significant data compromise possible with new Atlassian Confluence bug

US, others commit against ransomware payments

More Resources

Ransomware attacks are getting faster: How to adjust incident response plans accordingly

Ransomware gangs take less than a day to breach Microsoft Active Directory. Here’s what to do

PCI DSS 4.0: Things to do by March 2024

Endpoint security: How to protect end users from themselves

Survey: Not all endpoints are observed equally. How to strike a better balance

Mozi botnet goes dark under mysterious circumstances

AI gives security pros employment jitters, study says

Citrix NetScaler bug protection: Close all active sessions, says Mandiant

Cloud security still a challenge as 1 in 4 companies cite skills gap

ServiceNow misconfiguration went unexploited, but still cause for concern

Transform cybersecurity with process mining

SEC charges SolarWinds, CISO with fraud in 2020 supply chain attacks

Cyber pros praise Biden executive order on artificial intelligence

EVENTS

Optimizing AppSec: A Deep Dive into ASPM’s Risk-Based Approach

Survive or sink? The before, during and after of a ransomware attack

Ransomware: Designing a Strategic Detection and Response Plan

Cyber threat Intelligence: Making sense of a chaotic world

Network security in 2024: What has changed in the era of cloud computing, and how to adapt