Cybersecurity pro Alana Scott was building her skills and her career in the conventional manner: by attending conferences and looking to network.

But she and several colleagues found that they experienced a “kind of awkwardness when we tried to find our place in that space.”

As she explains: “It was not an active, ‘What are you doing here?’ It was more like they just didn’t see you. It was more like no one was engaging with you. No one was saying, ‘How are you? Nice to see you.’”

[ Diversity in security: Discover how 3 organizations are making a difference | Subscribe to CSO newsletters. ]

Such experiences, Scott says, could—and, indeed have—discouraged people of color from taking part in industry meetings and professional associations, which in turn could impact career growth and future opportunities.

To read this article in full, please click here

Read More

What is malware?

Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs attackers use to wreak destruction and gain access to sensitive information.

The key point is that malware is identified as such based on its intended malicious use, not a particular technique or technology. This means that the question of, say, what the difference is between malware and a virus misses the point a bit: a virus is a type of malware, so all viruses are malware (but not every piece of malware is a virus).

How does malware spread and get on your device?

You’ve probably heard the words virus, trojan, and worm used interchangeably. In fact, the terms describe three different kinds of malware, which are distinguished from each other by the process by which they reproduce and spread.

To read this article in full, please click here

Read More

A slow response to a data breach or other cybersecurity incident can cost companies time and money, as well as damage to their reputation. To help companies accelerate their response to cybersecurity incidents, Magnet Forensics is offering a new application, Magnet Automate Enterprise, designed to automatically trigger investigations into security breaches and synchronize incident detection and response tasks by third party tools.

Magnet Forensics has a track record for developing investigation software for the processing of evidence from computers, mobile devices, IoT devices and cloud services, and has had a strong user base among law enforcement and government agencies. The new software is geared specifically for enterprises, allowing them to recover evidence of security incidents from corporate networks and remote endpoints.

To read this article in full, please click here

Read More

Security researchers, enterprise software maker SAP, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued warnings over a critical vulnerability affecting Internet Communication Manager (ICM), a core component of SAP business applications that enables HTTPS communications. Tracked as CVE-2022-22536, the vulnerability allows attackers to use malformed packets to trick SAP servers into exposing sensitive data without needing to authenticate, according to Onapsis Research Labs. A security patch is available and organizations are urged to update as soon as possible.

To read this article in full, please click here

Read More