David Strom – SiliconANGLE

That Chinese attack on Microsoft’s Azure cloud? It’s worse than it first looked

David Strom — Fri, 21 Jul 2023 17:50:28 +0000

The revelations last week that Chinese hackers had breached a number of U.S. government email accounts indicate the problem is a lot worse than was initially thought, according to new research today by Wiz Inc. Indeed, this hack could turn out to be as damaging and as far-reaching as the SolarWinds supply chain compromises of […]

The post That Chinese attack on Microsoft’s Azure cloud? It’s worse than it first looked appeared first on SiliconANGLE.

CISA makes more open-source cloud protection tools available

David Strom — Wed, 19 Jul 2023 17:50:38 +0000

The U.S. Cybersecurity and Infrastructure Security Agency recently augmented its cloud security toolbox of free open-source software, and there are now five programs that can be used to identify threats, evaluate an organization’s cloud security posture, detect unusual network patterns and complement paid security products. This is a welcome trend for two reasons. First, it […]

The post CISA makes more open-source cloud protection tools available appeared first on SiliconANGLE.

The state of collaboration: It’s the people, not the tech, who make it all work

David Strom — Mon, 17 Jul 2023 21:04:48 +0000

Business collaboration is finally fulfilling its promise — but less because of new technology than people finding better ways to use it. The technology has gotten a boost, thanks to post-COVID distributed work teams that have embraced video conferencing and instant messaging. But figuring out the collaboration workflows isn’t just choosing between Microsoft Teams and […]

The post The state of collaboration: It’s the people, not the tech, who make it all work appeared first on SiliconANGLE.

Attackers target the Domain Name System, the internet’s phone book. Here’s how to fight back

David Strom — Fri, 14 Jul 2023 22:16:28 +0000

The foundational Domain Name System, essentially the phone book for the internet, used to be something nobody using the net much noticed, but lately it has become more of a target, and the cost of attacks against it are huge and growing. Recent events have once again brought issues involving the DNS, as it’s called […]

The post Attackers target the Domain Name System, the internet’s phone book. Here’s how to fight back appeared first on SiliconANGLE.

Understanding these nine ransomware stages can help harden cyber defenses

David Strom — Fri, 14 Jul 2023 17:35:18 +0000

Ransomware payouts are on track to make 2023 another banner year for criminals, netting more than $440 million since January, according to a recent analysis by Chainalysis. But there are ways for organizations to blunt the impact. First, some background: One of the reasons for ransomware’s continuing success, according to Chainalysis, is the success of […]

The post Understanding these nine ransomware stages can help harden cyber defenses appeared first on SiliconANGLE.

Managing supercloud authentication remains tricky – with no easy solution in sight

David Strom — Wed, 12 Jul 2023 14:19:55 +0000

In the early days of the cloud, authenticating people and apps was a lot simpler. Apps could be authenticated using a fairly static catalog of software-as-a-service and on-premises solutions, using single sign-on or SSO tools from the likes of Ping Identity Holding Corp., Okta Inc. and Cisco Systems Inc.’s Duo. But the growth of the supercloud […]

The post Managing supercloud authentication remains tricky – with no easy solution in sight appeared first on SiliconANGLE.

Ten years on, Snowden has had tremendous impact – good and bad – on corporate security

David Strom — Tue, 11 Jul 2023 21:35:30 +0000

Ten years ago, a young man left a nice job, his girlfriend and his home with just his laptops. His fantastic story changed the world and the way we think about our internet privacy. And today, we are still feeling the impact of the revelations from Edward Snowden (pictured) contained in thousands of documents he […]

The post Ten years on, Snowden has had tremendous impact – good and bad – on corporate security appeared first on SiliconANGLE.

US-EU data privacy framework approved but still could be inadequate

David Strom — Mon, 10 Jul 2023 16:52:13 +0000

The E.U.-U.S. Data Privacy Framework, aimed at enabling data from companies such as Google LLC and Meta Platforms Inc. to move back and forth between the two jurisdictions, today was adopted by the European Union. Today’s action by the European Commission, the EU’s executive arm, follows their adoption by the U.S. Department of Commerce last week. The […]

The post US-EU data privacy framework approved but still could be inadequate appeared first on SiliconANGLE.

State data privacy laws are changing fast – here’s what businesses need to know

David Strom — Wed, 05 Jul 2023 19:48:43 +0000

With no federal data privacy law on the books, states are doubling down on new laws governing the protection of people’s data. In the past year, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas have all enacted such laws, more than doubling the number states had them previously — those being California, Colorado, Connecticut, Utah […]

The post State data privacy laws are changing fast – here’s what businesses need to know appeared first on SiliconANGLE.

How AI and large language models can help cybersecurity firms improve their services

David Strom — Mon, 03 Jul 2023 19:44:19 +0000

Just about every cybersecurity provider has an artificial intelligence-related story to tell these days. There are many security products and services that now come with built-in AI features, offering better ways to seek out and neutralize malware. Or they have new “co-pilot” add-ons that allow human operators to work hand-in-mouse with an AI-driven assistant to […]

The post How AI and large language models can help cybersecurity firms improve their services appeared first on SiliconANGLE.

Apps under attack: New federal report suggests ways to improve software code pipeline security

David Strom — Mon, 03 Jul 2023 19:22:04 +0000

The National Security Agency and the Cybersecurity and Infrastructure Security Agency late last month issued an advisory memo to help improve defenses in application development software supply chains — and there’s a lot of room for improvement. Called Defending Continuous Integration/Continuous Delivery (CI/CD) Pipelines, the joint memo describes the various deployment risks and ways attackers can […]

The post Apps under attack: New federal report suggests ways to improve software code pipeline security appeared first on SiliconANGLE.

The WeChat app is anything but private. If you must use it, here’s how to protect yourself.

David Strom — Mon, 03 Jul 2023 18:58:10 +0000

What if we had an app on our phones that combined the functions of Facebook Messenger, Venmo payments, MyPatientChart health records and WhatsApp for making voice calls, and also allowed us to download all sorts of mobile apps and games like Apple Inc.’s App Store? Furthermore, what if such an app had absolutely no privacy controls, […]

The post The WeChat app is anything but private. If you must use it, here’s how to protect yourself. appeared first on SiliconANGLE.

Will passkeys finally come to pass? A progress report

David Strom — Fri, 30 Jun 2023 19:52:38 +0000

We’re finally inching closer to curing our addiction to passwords. This week the FIDO Alliance put together an online event and posted a series of white papers to try to help businesses that want to move forward with passkeys — digital credentials that don’t require usernames and passwords — to host their first 12-step programs […]

The post Will passkeys finally come to pass? A progress report appeared first on SiliconANGLE.

Polymorphic malware and the rise of new ‘moving target’ defensive security

David Strom — Fri, 30 Jun 2023 14:42:33 +0000

An old security technology that has gotten little attention is finally ready for a new closeup. It goes by the name polymorphic code — or alternatively, automated moving target defense or AMTD — and it has been around for nearly a decade. It came into its own around 2017 when was popularized by both malware writers […]

The post Polymorphic malware and the rise of new ‘moving target’ defensive security appeared first on SiliconANGLE.

‘Zero trust’ was supposed to revolutionize cybersecurity. Here’s why that hasn’t happened yet.

David Strom — Wed, 28 Jun 2023 14:04:30 +0000

Despite more than a decade of talk, the seminal concept in cybersecurity of zero trust — the assumption that no user or device on a computer network can be trusted — hasn’t been implemented nearly as widely as one might expect from all of the attention. The problems include numerous practical and perceptual obstacles, coupled with […]

The post ‘Zero trust’ was supposed to revolutionize cybersecurity. Here’s why that hasn’t happened yet. appeared first on SiliconANGLE.

Identity fraud prevention provider Socure acquires Berbix for $70M

David Strom — Tue, 27 Jun 2023 16:58:09 +0000

Socure Inc. today announced the acquisition of Berbix, an artificial intelligence-powered document verification startup, for $70 million in cash and stock. Socure has raised copious funds, with 14 different rounds, including one $450 million round in 2021, for a total of $742 million. The companies are in the middle of a trend in this market, as […]

The post Identity fraud prevention provider Socure acquires Berbix for $70M appeared first on SiliconANGLE.

Domain Name System is once again front and center for exploits and security policy

David Strom — Mon, 26 Jun 2023 16:41:58 +0000

Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way. The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND. It calls […]

The post Domain Name System is once again front and center for exploits and security policy appeared first on SiliconANGLE.

Millions of GitHub projects found vulnerable to exploit

David Strom — Fri, 23 Jun 2023 16:38:40 +0000

Thousands of open-source code repositories on GitHub could be vulnerable to an old exploit, according to a report from Aqua Security Software Ltd.’s Nautilus research team published this week. Aqua analyzed a sample of more than a million GitHub code repositories and found almost 3% were vulnerable to an attack called repojacking. The bad actors […]

The post Millions of GitHub projects found vulnerable to exploit appeared first on SiliconANGLE.

Exclusive: The next computer in the cloud could be an IBM mainframe

David Strom — Fri, 23 Jun 2023 14:50:58 +0000

A small Minneapolis mainframe computer software startup is poised to change the way enterprises use and share data across the cloud. VirtualZ Computing Inc. claims to be the first and only woman-founded and women-led mainframe systems integrator in history. That is a bold position, but perhaps more important is its pair of revolutionary software applications […]

The post Exclusive: The next computer in the cloud could be an IBM mainframe appeared first on SiliconANGLE.

New Russian cyberattacks on Ukraine uncovered

David Strom — Wed, 21 Jun 2023 19:37:38 +0000

The protracted war on Ukraine has been fought on both physical and digital worlds, but after the initial forays last spring, Russian attacks on Ukrainian digital infrastructure have increased lately, according to new reports by three security analyst groups. Since the Russian invasion last spring, there have been a number of cyberattacks. Google LLC said […]

The post New Russian cyberattacks on Ukraine uncovered appeared first on SiliconANGLE.

The top five cloud cybersecurity threats – and what to do about them

David Strom — Wed, 21 Jun 2023 15:36:24 +0000

Cybersecurity threats continue to plague cloud infrastructures, and sadly these threats are still mostly the same from years’ past. But just because these threats continue doesn’t mean that cloud security, taken as a whole tapestry, isn’t as secure as on-premises equipment. That debate — which seems to have spanned a decade or more — should […]

The post The top five cloud cybersecurity threats – and what to do about them appeared first on SiliconANGLE.

Databases then and now: the rise of the digital twin

David Strom — Mon, 19 Jun 2023 22:52:32 +0000

When I first started in information technology, back in the Mainframe Dark Ages, we had hulking big databases that ran on IBM Corp.’s Customer Information Control System, written in COBOL. These mainframes ran on a complex collection of hardware and operating systems that was owned lock, stock, and bus and tag barrel by IBM. The […]

The post Databases then and now: the rise of the digital twin appeared first on SiliconANGLE.

Beware of fake security researchers who deliver malware

David Strom — Thu, 15 Jun 2023 18:14:26 +0000

If you come across a security researcher from a company called High Sierra Cyber Security, beware — you may get tricked into downloading malware on your computer. High Sierra is a cover for a group of hackers who have weaponized social media and the open-source GitHub code repositories. It isn’t the first time this has […]

The post Beware of fake security researchers who deliver malware appeared first on SiliconANGLE.

Management consoles can be a security nightmare, but they still lack good protection

David Strom — Wed, 14 Jun 2023 19:30:48 +0000

One of the biggest threats to enterprise networks is the ability of hackers to manipulate management consoles, the web applications for managing a variety of networked-based systems, such as virtual private networks, routers, firewalls, switches and other devices. For many years, bad actors have targeted consoles that are accessible via a public internet connection. They […]

The post Management consoles can be a security nightmare, but they still lack good protection appeared first on SiliconANGLE.

Amazon Web Services beefs up its security offerings

David Strom — Tue, 13 Jun 2023 18:45:50 +0000

Amazon Web Services Inc. today announced a variety of new security tools as well as expansions to existing services for its cloud computing customers. The goals, as described by Becky Weiss (pictured), an AWS cloud engineer presenting at AWS’ annual re:Inforce conference in Anaheim, California, are to bring more zero-trust features further across its cloud […]

The post Amazon Web Services beefs up its security offerings appeared first on SiliconANGLE.

Google Cloud announces new security services and partners

David Strom — Tue, 13 Jun 2023 16:00:18 +0000

Google LLC announced a series of cloud security services today, adding to various existing protective services and complementing its longstanding efforts with its Chronicle platform along with broadening industry partnerships with its tools. Last week, the company announced a set of best practices for protecting customers’ artificial intelligence models from hacking called the Secure AI Framework. […]

The post Google Cloud announces new security services and partners appeared first on SiliconANGLE.

How the National Guard trains its cyber soldiers

David Strom — Fri, 09 Jun 2023 13:25:20 +0000

The National Guard is best known for helping in natural disasters and domestic emergencies at the state level, but it also has a longstanding and perhaps surprising mandate: responding to cyberattacks. That requires a lot of training, and the Guard this week and next will host one of the largest cybersecurity exercises in the country. […]

The post How the National Guard trains its cyber soldiers appeared first on SiliconANGLE.

There’s a lot of enterprise-grade secure browsers out there, but are they ready for prime time?

David Strom — Wed, 07 Jun 2023 12:00:35 +0000

Securing an entire collection of web browsers across an enterprise has been a sleeper product category for many years, but it’s now heating up. That’s thanks to better management tools and an increasing awareness by information technology managers of the need to harden passwords and prevent phishing attacks. But will these things bring new life to […]

The post There’s a lot of enterprise-grade secure browsers out there, but are they ready for prime time? appeared first on SiliconANGLE.

FBI issues warnings about explicit deepfake images

David Strom — Tue, 06 Jun 2023 17:43:17 +0000

Deepfake still photos and videos have plagued the online world for several years, but now the stakes are getting higher. The problem is deepening as the quality of the fakes gets better and the ease of creating them gets easier, especially since AI technology can be used to gather and modify both audio and video […]

The post FBI issues warnings about explicit deepfake images appeared first on SiliconANGLE.

New ways to reduce the chances of ransomware attacks

David Strom — Mon, 05 Jun 2023 22:29:57 +0000

Just this past week, ransom attacks have hit a major Spanish bank, a Canadian university and a legal software-as-a-service platform. So it’s good timing that two reports released in the past month from IBM Corp. and Amazon Web Services Inc. are providing guides to how to combat the terrible tide. Although the raw number of ransom-based […]

The post New ways to reduce the chances of ransomware attacks appeared first on SiliconANGLE.