Forescout warns of widespread “insecure-by-design” practices
WANTED: a set of infosec principles we can all agree on
The SecAware corporate information security policy template incorporates a set of generic principles for information risk and security such as “Our Information Security Management System
conforms to generally accepted good security practices as descri…
Google Chrome Extensions Could Be Used to Track Users Online
New website can check for installed Chrome extensions and generate a fingerprint of a visiting user
Former Amazon Worker Convicted of Capital One Data Breach
The software engineer mined stolen data and installed cryptocurrency miners on some AWS servers
People = More People
This quarter we grew our team by 25%, and we have on the docket to grow by another 25% next quarter adding another 50 people in the next three months. We’re super excited about our future, and the progress we’re making. Our team growth is a…
BRATA Android Malware Group Now Classified As Advanced Persistent Threat
BRATA now targeting a specific financial institution at a time
Governance Gap Raises AI Security Concerns
Cyber now seen as most important component for adoption
QNAP Customers Hit by Double Ransomware Blitz
Taiwanese manufacturer braced for twin threat
Investigators Disrupt Giant RSocks Botnet
Russian cyber-criminals rented it out to other groups
The Matrix, policy edition
Inspired by an insightful comment on LinkeDin from an SC 27 colleague on the other side of the world (thanks Lars!), I spent most of last week updating the SecAware security policy templates and ISO27k ISMS materials.The main change was to distinguish …