A Look Ahead: Troy Leach's Predictions and Trends for 2023

Tom Field • December 7, 2022

Data management, supply chain assurance and regulatory evolution are among the topics touched upon in this look at the year ahead with Troy Leach, chief strategy officer of the Cloud Security Alliance. Find out what trends Leach is watching and the predictions he makes for 2023.

Cryptocurrency Fraud

UK Court Orders Crypto Firms to Share Data to Track Thieves

Latest

Endpoint Security

Novel Botnet Dubbed 'Zerobot' Targets Slew of IoT Devices

Prajeet Nair • December 8, 2022

A novel botnet dubbed "Zerobot" by Fortinet researchers is taking advantage of vulnerabilities in a slew of networking equipment and networked cameras with an emphasis on equipment manufactured in East Asia. The botnet exploits 21 separate vulnerabilities.

Black Hat

Cybersecurity Pros: Fresh Challenges Face 'Next Generation'

Mathew J. Schwartz • December 8, 2022

As the potential harm posed by technology increases, the cybersecurity stakes are changing, warned speakers at Black Hat Europe. With governments taking a greater interest in regulating cybersecurity - and perhaps practitioners - experts urged practitioners to collectively guide their own destiny.

Encryption & Key Management

Apple to Enable End-to-End Encryption of iCloud Backups

David Perera • December 7, 2022

Smartphone giant Apple says that starting later this year, users can enable end-to-end encryption of iPhone backups stored in the company's commercial cloud. Apple took pains to frame its announcement in the context of cloud computing data breaches.

Artificial Intelligence & Machine Learning

As Complexity Challenges Security, Is Time the Solution?

Mathew J. Schwartz • December 7, 2022

"Who here thinks your network or environment will become more complex next year?" a cybersecurity veteran asked the audience at Black Hat Europe this week in London. As attackers' capabilities continue to improve, Jeff Moss said defenders must learn to succeed or fail faster.

Endpoint Detection & Response (EDR)

SentinelOne Pushes Upmarket to Minimize Effects of Slowdown

Michael Novinson • December 6, 2022

SentinelOne plans to go after more Fortune 500 and Global 2000 organizations as the economic downturn prompts customers to shrink the size of their purchases. Over the past year, the company doubled the number of clients spending at least $100,000 and $1 million with SentinelOne annually.

Fraud Management & Cybercrime

Rackspace Confirms Exchange Outage Caused by Ransomware

Akshaya Asokan • December 6, 2022

Ransomware lies behind the ongoing outage of hosted Exchange services at Rackspace, the company disclosed in a Tuesday update. The company did not disclose any particular ransomware actor. It told federal regulators that the outage is likely to create a financial loss.

Cybercrime

US Prosecutors Unspool xDedic Criminal Marketplace Cases

Prajeet Nair • December 6, 2022

The 2019 seizure by U.S. law enforcement of online criminal marketplace xDedic is paying dividends for lawyers unrolling prosecutions of accused fraudsters who allegedly obtained compromised credentials from the site. The FBI and IRS estimate that xDedic facilitated more than $68 million in fraud.

Application Security

Snyk's Iain Rose on How to Secure Cloud-Native Environments

Michael Novinson • December 5, 2022

Organizations should build apps and design development workflows in a way that embraces how quickly cloud-native architectures change, says Snyk Solutions Engineer Iain Rose. Unlike traditional on-premises environments, containerized applications are designed to be ephemeral, Rose says.

Security Information & Event Management (SIEM)

Securonix Taps Ivanti, BMC, SAP Vet Nayaki Nayyar as New CEO

Michael Novinson • December 5, 2022

Securonix has snagged longtime Ivanti, BMC Software and SAP executive Nayaki Nayyar as CEO to strengthen product capabilities and customer experience. One of a handful of female CEOs in the vendor community, she doubled Ivanti's total addressable market during her 30 months as president.

Cyberwarfare / Nation-State Attacks

A Look Ahead: David Pollino on Evolution of the CISO Role

Tom Field • December 5, 2022

From the invasion of Ukraine to the conviction of a former Uber CISO and the Musk takeover of Twitter, it's been a watershed year for cybersecurity concerns. Veteran CISO David Pollino reflects on 2022 and looks ahead to the challenges - and opportunities - that await in 2023.

Business Continuity Management / Disaster Recovery

Rackspace Hosted Exchange Still Offline Over Security Issue

Prajeet Nair • December 5, 2022

Thousands of Rackspace customers continue to face hosted Microsoft Exchange Server outages after the managed services giant took the offering offline after being affected by an unspecified security incident Thursday. Rackspace urges affected customers to at least temporarily move to Microsoft 365.

Identity & Access Management

OneSpan CEO on Joining Identity Verification and e-Signature

Michael Novinson • December 4, 2022

Bringing OneSpan's identity verification and e-signature businesses together in the cloud will allow the company to secure the whole customer transaction life cycle, says CEO Matt Moynahan. Customers want security capability that is seamlessly integrated and interwoven across their entire workflow.