Security Boulevard

Cary, United States / North Carolina, 16th August 2024, CyberNewsWire

The post Why Training is Critical to Implementing Cisco HyperShield appeared first on Security Boulevard.

As we move through 2024, the Wallarm Research Team continues to monitor the evolving API vulnerability and threat landscape. Our latest Q2 ThreatStats™ Report reveals critical trends and developments that are reshaping the security environment. Continuing from our Q1 findings, the surge in AI API vulnerabilities is not only persisting but intensifying, with an alarming [...]

The post Unveiling Top API Vulnerabilities and Emerging Trends: Introducing the Wallarm Q2 2024 API ThreatStats™ Report appeared first on Wallarm.

The post Unveiling Top API Vulnerabilities and Emerging Trends: Introducing the Wallarm Q2 2024 API ThreatStats™ Report appeared first on Security Boulevard.

Crowdstrike’s update malfunction caused a global IT outage three weeks ago. Industry experts share the biggest lesson for IT leaders to learn.

The post The Biggest Lesson From Crowdstrike’s Update Malfunction appeared first on Security Boulevard.

Evolving threat actor tactics are capitalizing on business and technology consolidation to launch widespread ransomware attacks and requiring organizations to rethink how to address new vulnerabilities to stay secure and resilient.

The post Ransomware Surge Exploits Cybersecurity Gaps Caused by M&A appeared first on Security Boulevard.

via the comic & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Helium Synthesis’ appeared first on Security Boulevard.

Insight #1

A recent study found that chief information security officers (CISOs) are significantly more anxious about the growing complexity of cybersecurity than their chief information officer (CIO) and chief technology officer (CTO) counterparts. Nearly three-quarters of CISOs worry that cybersecurity management is becoming difficult to manage, forcing them to make risky compromises: a concern shared by less than 60% of CIOs and CTOs.

The post Cybersecurity Insights with Contrast CISO David Lindner | 8/16/24 appeared first on Security Boulevard.

Find out how your peers are managing application security challenges. 

The post ESG Survey Report Finds AI, Secrets, and Misconfigurations Plague AppSec Teams appeared first on Security Boulevard.

In a recent security advisory, Microsoft disclosed a high-severity vulnerability identified as CVE-2024-38063. This critical Remote Code Execution (RCE) flaw, rated with a CVSS score of 9.8, poses a significant...

The post CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability appeared first on Strobes Security.

The post CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability appeared first on Security Boulevard.

Trust is vital to upholding the entire ecosystem in which all businesses operate, and the erosion of trust has considerable consequences for everyone. 

The post Holding Trust for Ransom: What’s at Stake as Business Trust Erodes  appeared first on Security Boulevard.

Some recommendations and best practices to help organizations strike a balance between business growth, risk management and cybersecurity.

The post Striking a Balance Between Business Growth, Risk Management and Cybersecurity appeared first on Security Boulevard.

Combining multiple Linux security tools to protect against various threats is crucial for a robust security posture. Effective use of security tools requires knowledge of their capabilities, configurations, and how to integrate them into a comprehensive security strategy. Implementing modern security practices like live patching helps to apply critical security updates without system downtime. Linux […]

The post Essential Linux Security Tools: A Comprehensive Overview for Security Professionals appeared first on TuxCare.

The post Essential Linux Security Tools: A Comprehensive Overview for Security Professionals appeared first on Security Boulevard.

In the world of cybercrime, over 1 million domains now face a risk of threat actor-initiated takeover as the Sitting Ducks attack comes to light. As per recent reports, the attack is conducted via an exploitation of a domain name system (DNS) vulnerability and is carried out by Russian cybercriminals. In this article, we’ll dive […]

The post Sitting Ducks Attack: Over 1M Domains At Risk Of Takeover! appeared first on TuxCare.

The post Sitting Ducks Attack: Over 1M Domains At Risk Of Takeover! appeared first on Security Boulevard.

As cybersecurity, data protection, and personal information security regulations become increasingly stringent, regulatory bodies are taking robust measures to enhance oversight. However, organizations continue to face significant challenges in risk management, particularly in the unified discovery and management of internet assets, where considerable gaps remain. “Attack surfaces are expanding and vulnerability management processes are failing. […]

The post Elevate Your Risk Management Strategy with NSFOCUS CTEM appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Elevate Your Risk Management Strategy with NSFOCUS CTEM appeared first on Security Boulevard.

In 2019, most organizations already had digital transformation plans in place. These plans included migrating workloads to modern cloud architectures. However, the Covid-19 pandemic compelled organizations to expedite their modernization efforts due to practical reasons. For instance, setting up a kit (or pod) for an application using a legacy system requires a complex process involving […]

The post What’s Different About Data Security in the Cloud? Almost Everything. appeared first on Blog.

The post What’s Different About Data Security in the Cloud? Almost Everything. appeared first on Security Boulevard.

Authors/Presenters:Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.

Permalink

The post USENIX Security ’23 – TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks appeared first on Security Boulevard.

This cybersecurity playbook is inspired by Sam Curry’s insights on the crucial role of building relationships in cybersecurity to affect change in information security and the business.  He recently shared his recommendations on cyberOXtales Podcast, highlighting the significance of trust, alignment, and intimacy in fostering effective relationships within and outside the cybersecurity team. The Playbook […]

The post How to Align Infosec to Business Operations: Sam Curry’s Cybersecurity Playbook for Executives appeared first on OX Security.

The post How to Align Infosec to Business Operations: Sam Curry’s Cybersecurity Playbook for Executives appeared first on Security Boulevard.

Click fraud artificially inflates the number of ad clicks, skewing campaign results. Skewed results can blind you to the areas that need improvement, focusing ad spend on fake engagement.

The post The Hidden Cost of Click Fraud: Why Data You Can Trust, Matters appeared first on Security Boulevard.

ReliaQuest ranked LummaC2 and SocGholish among the top malware seen in Q2 and rounded out the top five list with AsyncRat, Oyster, and the growing numbers of info-stealers that were built using the Rust programming language.

The post ReliaQuest: Watch Out for Info-Stealers and RATs appeared first on Security Boulevard.

Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations
josh.pearson@t…
Thu, 08/15/2024 - 17:28

As many organizations begin to embark on their journey toward Post-Quantum Cryptography (PQC) resilience, Thales can facilitate and perhaps accelerate these migrations with its rapidly expanding Thales PQC Partner Ecosystem. The PQC migration process will be a highly significant transformation in the public-key cryptography landscape to date, impacting billions of devices and applications within the world’s digital security infrastructure. This is because today’s digital infrastructures are profoundly reliant on traditional asymmetric cryptography based on RSA or ECC schemes. However, to protect sensitive data against the looming threat of quantum computing, several government agencies such as NIST, CSA, and NSA are urging moving to quantum-safe algorithms. These include the newly developed CRYSTALS-Kyber (general encryption) and CRYSTALS-Dilithium, FALCON, and SPHINCS+ (digital signatures) algorithms pending finalizations by NIST.

Data Security Encryption Key Management

Blair Canavan | Director of Business Development Digital Identity and Security, Thales
More About This Author >

As many organizations begin to embark on their journey toward Post-Quantum Cryptography (PQC) resilience, Thales can facilitate and perhaps accelerate these migrations with its rapidly expanding Thales PQC Partner Ecosystem.

The PQC migration process will be a highly significant transformation in the public-key cryptography landscape to date, impacting billions of devices and applications within the world’s digital security infrastructure. This is because today’s digital infrastructures are profoundly reliant on traditional asymmetric cryptography based on RSA or ECC schemes. However, to protect sensitive data against the looming threat of quantum computing, several government agencies such as NIST, CSA, and NSA are urging moving to quantum-safe algorithms. These include the newly developed CRYSTALS-Kyber (general encryption) and CRYSTALS-Dilithium, FALCON, and SPHINCS+ (digital signatures) algorithms pending finalizations by NIST.

According to a recent Gartner report, companies must immediately start their PQC readiness plans given the complicated and extensive nature of these migratory endeavors. This considerable undertaking includes the need for crypto-discovery, prioritization, remediation, and testing. The report also cites several leading Technology and Consulting companies with PQC-relevant solutions.

With the rise of Harvest Now Decrypt Later attacks, Thales is committed to helping customers succeed and supports a crypto-agile strategy that preserves the current security offered by traditional cryptography while adding in needed PQC protections.

About the Thales PQC Ecosystem

To facilitate and accelerate quantum-safe readiness, Thales is also committed to fostering a collaborative PQC ecosystem to ensure successful PQC-ready migration outcomes for everyone. This includes working with a variety of Consulting, Implementation, and Technology partners across both the private and public sectors most recently showcased during the RSAC2024 “Thales PQC Palooza” thought leadership forum which featured 12 panelists and industry experts with over 250 attendees.

Customers reap the benefits of building their quantum-safe infrastructures with a vetted, world-class ecosystem that includes market leaders in their respective segments to ensure a success PQC transformation while also helping reduce risk, cost, and complexity.

Sample services provided by Thales PQC Ecosystem partners can include iterative and phased advisory services, skilled implementations, Centers of Excellence for testing, Quantum Random Number Generation (QRNG), Quantum Resistant PKI, and Crypto Discovery, among many others.

Early advisory partners participating in the Thales PQC Ecosystem include Accenture, Capgemini, Deloitte, DXC, Kyndryl, Encryption Consulting and IBM Consulting. Technology Partners also include: DigiCert, Keyfactor, InfoSec Global, PQ Shield, Quantinuum, SandboxAQ, Senetas, and IDQ.

About Thales PQC Initiatives

As a leading global technology and security provider, Thales is committed to ensuring a quantum-safe future even contributing to the development of the NIST Falcon algorithm. Through continuous innovations and investment across its portfolio, the company offers several quantum-ready and crypto-agile data security solutions to meet customer needs. These include encryption key protections with Luna HSMs, High Speed Encryptors, and the CipherTrust Data Security Platform.

Thales PQC Starter Kits

In conjunction with one of our PQC Ecosystem members, Thales together with Quantinuum has created a first-of-its-kind offering to help organizations test and prepare for post-quantum cryptography. The Luna PQC Starter Kit incorporates Luna HSMs and Quantinuum’s quantum random number generation (QRNG) technology through which customers can ensure their keys are securely generated and stored while testing the PQC algorithms.

To protect vulnerable data in motion a Thales PQC Starter Kit for Network Encryption is now available.

Conclusion

While PQC migratory endeavors are a lengthy and years-long process, Thales is proud to facilitate customer success with the Thales PQC Partner Ecosystem. To learn more about our PQC initiatives and partnerships, click here.

Schema {
"@context": "https://schema.org",
"@type": "BlogPosting",
"mainEntityOfPage": {
"@type": "WebPage",
"@id": "https://cpl.thalesgroup.com/blog/data-security/thales-pqc-partner-ecosystem"
},
"headline": "Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations",
"description": "Discover how Thales and its PQC Partner Ecosystem are leading the way in facilitating and accelerating quantum-safe migrations to protect against future quantum threats.",
"image": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"author": {
"@type": "Person",
"name": "Blair Canavan"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": {
"@type": "ImageObject",
"url": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png"
},
"sameAs": [
"https://www.facebook.com/ThalesCloudSec",
"https://www.twitter.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"datePublished": "2024-08-15",
"dateModified": "2024-08-15"
} studio THALES BLOG Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations

August 15, 2024

The post Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations appeared first on Security Boulevard.

Chris Clements, VP of Solutions Architecture at CISO Global High-Tech Pest Control = Threat Detection & Response Imagine for a moment that your home has a rodent problem. To address this, you install a fancy system designed to automatically detect and trap animals before they can roam around your house and cause any damage. The […]

The post The Polar Bear in Your Kitchen: A Cybersecurity Analogy appeared first on CISO Global.

The post The Polar Bear in Your Kitchen: A Cybersecurity Analogy appeared first on Security Boulevard.