Rather than entrust third-party suppliers to keep their supply chain secured, organisations should adopt a zero trust security strategy and establish basic cyber hygiene to safeguard their data.
Adversaries are turning their focus on cheaper, easier targets within an organisation's supply chain, especially as businesses increasingly acquire software from external suppliers.
An idea is being floated to backport FLoC blocking code to existing WordPress users.
The Google One VPN app gets a tick of approval from the Internet of Secure Things Alliance.
All live online teaching has been cancelled on Thursday and Friday.
After disabling FTP functionality, the code will be removed in Firefox 90.
University confirms the personal information included in the breach contained names, email addresses, and phone numbers of some staff, students, and external parties
After trying to get vendors to produce updates to fix vulnerabilities quicker, Project Zero is trying an explicit patch period.
NordVPN is a hugely popular VPN service. But how does it perform? We take a deep dive into features, capabilities, and performance of this well-known VPN offering.
The move combines pro-grade backup hardware with AI-enhanced anti-ransomware technology.
Microsoft's Edge 90 is available to the 'Stable Channel,' meaning mainstream users, on April 15. Here's what's new.
US agencies NSA, FBI and CISA, along with the UK's NCSC, accuse 'Cozy Bear' Russian APT group of campaigns against SolarWinds. Organisations are urged to patch the five VPN and cloud vulnerabilities being exploited in ongoing attacks.
Want to avoid having your online accounts hacked? Enable two-factor authentication, a crucial security measure that requires an extra step when signing in to high-value services. In this post, I explain how to set up 2FA and which accounts to focus on first.
Google's Android Team is backing an effort to introduce Rust as a second programming language in the Linux kernel.
Chrome 90 has arrived with new privacy features and fixes for 37 security flaws.
This is the ultimate security key for professionals.
Durable, fully reversible connectors, encapsulated in epoxy resin, and with updatable firmware.
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
FIPS 140-2 Level 3 compliant storage drive with wireless unlock feature and remote management. IP57 rated for dust and water resistance.
The Netgear BR200 Insight Managed Business Router has been designed to be easy to set up, and features a built-in firewall, VLAN management, and remote cloud monitoring, and can be managed from anywhere you have an internet connection.
The YubiKey 5C NFC can be used across a broad range of platforms -- iOS, Android, Windows, macOS and Linux -- and on any mobile device, laptop, or desktop computer that supports USB-C ports or NFC.
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
Transparency in security.
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
Millions of us have adopted smart home and IoT devices, but these products continually prove themselves to be vulnerable endpoints. Here are some of the most noteworthy IoT cyberattack examples of this year.
Time to dump those cheap dollar-store flash drives, or the ones you picked up at a trade show and get a encrypted micro USB SSD that would impress James Bond.
Despite a worldwide pandemic, cyberattackers haven't stopped poking holes in our defenses. These are the worst incidents so far in 2020.
ZDNet Security Update: Danny Palmer talks to Ann Johnson, corporate vice president at Microsoft, about the rise of ransomware and the measures you can take to avoid becoming a victim.
Danny Palmer tells Karen Roby about two-factor authentication, password managers, and other cybersecurity tools you can use to help stay safe while working remotely. Read more: https://zd.net/3d1PxB6
Tonya Hall interviews Hillery Hunter, CTO of IBM Cloud, about confidential computing and why is about to upend cloud security.
Businesses are too busy patching to worry about firmware attacks, according to a Microsoft-commissioned study.
ZDNet catches up with Cowbell CEO Jack Kudale and Corvus Chief Product Officer Mike Lloyd to talk about the intersection of software and cyber insurance, the role of prevention, and what keeps them up at night. Read more: https://zd.net/2Pemotj
Teams is now big enough for Microsoft to launch a dedicated bug bounty program for the platform.
ZDNet Security Update: Danny Palmer talks to Troy Hunt, digital security advisor to NordSec, about how online habits are changing and how to protect yourself from hackers and cyber crime.
Danny Palmer tells Karen Roby why there's been a rise in ransomware going after education and what needs to be done to protect against attacks. Read more: https://zd.net/3cm9RNd
Nick Rossmann, Global Lead for Threat Intelligence at IBM Security X-Force, talks to Tonya Hall about the threats lurking behind the computer screen.
Tonya Hall asks Dr. Edward Amoroso, CEO of TAG Cyber, what's the best defense against a nation-state threat actor.
Danny Palmer tells Karen Roby how hackers are exploiting four zero-day vulnerabilities in Microsoft Exchange Server and what you can do to avoid falling victim. Read more: http://zd.net/3rdowOG
ZDNet Security Update: Danny Palmer talks to Rick Holland, CISO at Digital Shadows, about what happens when law enforcement and cybersecurity companies take down underground forums.
The companies have touted the merger will make them the 'greatest concentration of cybersecurity industry expertise' in Australia.
The disruption of Emotet was a blow for cyber criminals - but just weeks later, the gap is being filled by other trojans and botnets.
Legislation detailing the scope of law enforcement's access to COVID-19 contact tracing data is passed in Singapore, but questions are raised on whether police access should be included given the erosion in public trust.