tldrdailynews.com logo
Tag

Zero Trust

All articles tagged with #zero trust

press-releases2 months ago

CrowdStrike bets on browser security by acquiring Seraphic and SGNL tech

CrowdStrike announced it will acquire Seraphic Security to extend its Falcon platform to the browser, uniting Seraphic’s in-session browser protection with SGNL’s continuous authorization for a unified Next-Gen Identity Security that protects every interaction from endpoint to browser to cloud. The move aims to turn any browser into a secure enterprise browser, enabling in-session zero-trust enforcement, dynamic per-session permissions, and browser data protection, while supporting unmanaged devices and AI-enabled workflows. The deal is expected to close in CrowdStrike’s first fiscal quarter of FY’27, funded mainly with cash and a stock component, subject to closing conditions.

via CrowdStrike|
#crowdstrike#cybersecurity#press-releases
CISA mandates security for Internet-exposed network devices in federal agencies.
cybersecurity2 years ago

CISA mandates security for Internet-exposed network devices in federal agencies.

CISA has issued a binding operational directive (BOD) ordering federal civilian agencies to secure misconfigured or Internet-exposed networking equipment within 14 days of discovery. The directive applies to networked devices with Internet-exposed management interfaces, such as routers, firewalls, proxies, and load balancers. Federal agencies have 14 days to either restrict access to the networking equipment's interface to the internal network or implement Zero Trust measures to enforce access control to the interface via a policy enforcement point separate from the interface itself. CISA will conduct scans to identify devices and interfaces falling within the directive's scope and provide technical expertise to help agencies secure devices.

via BleepingComputer|
#cisa#cybersecurity#federal-agencies
Protecting Your Car from High-Tech Thieves
technology3 years ago

Protecting Your Car from High-Tech Thieves

Thieves have found a new way to bypass electronic security on modern cars by using a method called CAN injection, which relies on physical access to a car's CAN bus. By tapping into the data wires that run through a car, a thief can inject malicious commands into the network, allowing them to wake up the car's computer controllers, falsify the presence of the car key, and drive off. This attack requires a thief to partially disassemble the target car, but it entirely bypasses the car's key, unlike relay attacks that simply extend the key's radio range. Automakers can implement a "zero trust" approach to stop these kinds of attacks, but it would require a new commitment to security.

via Jalopnik|
#auto-theft#can-injection#car-security