Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Weekly Cyber Security News 06/03/2020

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. I have a great weird and wonderful selection for you this week. OK, I could have just opted for the usual major breaches and boy, don’t we have a few of those? No, instead some really odd geeky and perhaps quite pointless ones caught my attention. First is a look at air craft hacking.

How to spot a fake app?

This blog was written by an independent guest blogger. There are billions of mobile phone users in the world, and every day, the number increases as people find convenience in the use of smartphones. As the number of smartphone user increases, technologies, apps, and software are continually created for these devices. However, as people shift their use to mobile devices, so are cybercriminals. Hackers are now finding ways they can to target mobile phone users.

Launching Application Control Plus: Build an infallible stronghold against all application-related threats

We’re pleased to announce the debut of ManageEngine Application Control Plus, an application whitelisting, blacklisting, and privilege management solution. IT operations could come to a standstill if applications suddenly ceased to exist, but applications can be considered double-edged swords. As important as applications are, they also form the largest threat vectors in any network.

The War of Passwords: Compliance vs NIST

The most recent National Institute of Standards and Technology (NIST) guidelines have been updated for passwords in section 800-63B. The document no longer recommends combinations of capital letters, lower case letters, numbers and special characters. Yet most companies and systems still mandate these complexity requirements for passwords. What gives?

Why It's Important to Have a Customer Community in the World of Cybersecurity

In an ever-evolving security world, we to need to secure more with even fewer resources. While the cybersecurity skills gap increases, leaving “350,000 U.S. cybersecurity jobs unfilled yearly,” it is vital to work together to protect our environments and educate others. Creating a customer community can do just that.

6 Reasons Why You Need SOC 2 Compliance

System and Organization Controls for Service Organizations 2 (SOC 2) compliance isn’t mandatory. No industry requires a SOC 2 report. Nor is SOC 2 compliance law or regulation. But your service organization ought to consider investing in the technical audit required for a SOC 2 report. Not only do many companies expect SOC 2 compliance from their service providers, but having a SOC 2 report attesting to compliance confers added benefits, as well.