Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Cybersecurity vendor Imperva's breach post-mortem should serve as a warning to all those using cloud services: One mistake can turn into a calamity. The company accidently left an AWS API key exposed to the internet; the key was then stolen and used to steal a sensitive customer database.
Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices. The company was allegedly still using outdated SHA-1 to hash passwords, which can be easily cracked.
To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.
The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections.
As cyberattacks grow in frequency and complexity, businesses are turning to threat intelligence to better understand those attacks and protect themselves. Threat intelligence uses data points to provide an understanding of threats to an organization, but intelligence is only as good as the data available. If data...
Security Information and Event Management (SIEM) solutions have typically been focused on alerting organizations of issues that applications and network hardware identify. When those alerts go unheeded or don't deliver next steps on how to mitigate threats, SIEM can become an expensive and ineffective tool.
Many organizations aggressively roll out SIEM or log management based on sales promises that "it will do everything for you." While these promises are mostly true, they may represent an organization's end goal, not their realistic starting point.
The reality is that SIEM functionality is limited to where the...
Effective security is a moving target - that's not news. So how can an organization stay ahead of the game? By giving itself the ability to see farther.
The power of centralized log data is the ability to see more by giving your security data more context. And as most analysts know, context can mean the difference...
Nation-state attackers have been targeting known flaws that customers have yet to patch in their Pulse Secure, Palo Alto and Fortinet VPN servers, Britain's National Cyber Security Center warns, adding that any organization that didn't immediately apply patches should review logs for signs of hacking.
Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., U.K. and Australia are asking Facebook to ensure law enforcement can access messages.