Sean Michael Kerner

Routers represent an attractive target for hackers to build botnets and spread malware, especially when the routers have known, unpatched remote code execution vulnerabilities. In April, the CVE-2018-14847 vulnerability was first reported in MikroTik routers that have millions of users worldwide. That initial report indicated the scope of the vulnerability was limited and only had […]

Cyber-security awareness and training vendor KnowBe4 announced on Oct. 8 that it is expanding its capabilities with the addition of Virtual Risk Officer (VRO). The VRO feature is powered by artificial intelligence machine learning technologies and is intended to provide organizations with feedback and insight into their cyber-risk. The VRO capability is being complemented with […]

FireEye announced a series of updates at its Cyber Defense Summit on Oct. 3-4 that expand the company’s capabilities. On Oct. 3, FireEye announced a new version of its Helix operations platform that enables increased automation and integrates Security Information and Event Management (SIEM) capabilities. On Oct. 4, the company announced its FireEye Marketplace offering, […]

Sometimes the fastest way to add new capabilities to a product portfolio is to acquire them. On Oct. 3, Palo Alto Networks announced that it is acquiring privately held threat defense vendor RedLock for $173 million in cash. The deal is expected to close during Palo Alto Networks’ first quarter of its fiscal 2019 year. […]

There is no shortage of data breaches and exploits reported in any given week, with many of them having a root cause in some form of application code vulnerability. There are many reasons why developers don’t always write secure code, and conversely there are many ways that security professionals can help developers, according to Tanya […]

Splunk held is annual .conf customer event Oct. 1-4, making a series of announcements about product direction and new capabilities across its portfolio. Among the new products is the general availability of the Splunk Enterprise 7.2 platform, which provides insight into log files and network traffic. Splunk also announced its latest security platform updates, including the […]

TORONTO—In July 2015, Toronto-based infidelity website Ashley Madison was breached, exposing information on more than 37 million individuals around the world. Since then, Avid Life Media, the parent company of Ashley Madison, rebranded itself as Ruby Life and brought in new cyber-security expertise, including Chief Information Security Officer Matthew Maglieri. In a session at the […]

TORONTO—Cyber-security researcher Keren Elazari came to the SecTor conference here to deliver to the button-down, business crowd a key message: Hackers can help companies improve cyber-security. Elazari delivered the keynote address on Oct. 2, providing an overview of current cyber-security challenges, including unauthorized cryptocurrency mining, ransomware attacks, SMS phishing, and issues with weak and reused […]

TORONTO—Canada, just like every other country, company and individual in the world, is a target of cyber-crime and nation-state-based attackers. The government of Canada, however, is not sitting idly by and has an active strategy to defend its networks. In a keynote address at the SecTor security conference here on Oct. 2, Scott Jones, head […]

Synopsys released its BSIMM9 report on Oct. 2, providing new insight into how organizations are using additional controls to help secure cloud and container deployments. The Building Security in Maturity Model (BSIMM) is based on data from 120 firms and more than 7,800 software security professionals, collected over a 10-year period. The 78-page BSIMM9 report […]