As security professionals evaluate their cyber posture, they should explore extended detection and response (XDR) solutions using these tools.

https://www.securitymagazine.com/articles/96771-empowering-analysts-to-strengthen-detection-and-response-initiatives

Recognize a female security professional for Security magazine’s annual Women in Security feature.

https://www.securitymagazine.com/articles/96649-securitys-women-in-security-program-now-accepting-nominations

A new feature in Tesla Model 3 vehicles raises concerns of road safety and asks the question: who is responsible for duty of care when it comes to distracted driving?

https://www.securitymagazine.com/articles/96769-teslas-distracted-driving-raises-duty-of-care-questions

Safti, a Belgian home improvement retail organization, used to employ a legacy surveillance solution to secure their store. IP cameras from IDIS have improved their security posture, according to the firm. Read more about the case study here.

https://www.securitymagazine.com/articles/96768-ip-cameras-bolster-belgian-retailers-surveillance-system

Blumira research team has discovered an alternative attack vector in the Log4j vulnerability that relies on a basic Javascript WebSocket connection to trigger the RCE locally via drive-by compromise.

https://www.securitymagazine.com/articles/96766-researchers-discover-alternative-local-attack-vector-in-log4j

There are strategies for avoiding the downsides of typical micromanagement, however, by following the path of enlightened micromanagement. Here are a few tips.

https://www.securitymagazine.com/articles/96765-toward-an-enlightened-micromanagement

The Department of Homeland Security has awarded Rutgers University a grant to conduct research into threat detection and mitigation at “soft targets” like schools, stadiums and other public venues.

https://www.securitymagazine.com/articles/96767-rutgers-opens-research-center-to-combat-security-threats

Here are seven questions to ask vendors to guide your organization’s evaluation of enterprise resource planning (ERP) application security, risk and compliance solutions and help them understand which features are genuinely the most valuable.

https://www.securitymagazine.com/articles/96764-7-essential-capabilities-to-consider-when-evaluating-erp-security-risk-and-compliance-solutions

Make your list and check it twice: by prioritizing authentication, eliminating passwords, deploying MFA and focusing on user experience, retail enterprise security leaders can ensure that hackers only get a lump of coal in their stockings.

https://www.securitymagazine.com/articles/96763-the-gifts-that-keep-on-giving-holiday-retail-authentication-best-practices

Organizations looking to reduce their risk of being impacted by a severe weather incident may consider conducting a tabletop drill, an emergency management tool designed to increase business resilience.

https://www.securitymagazine.com/articles/96761-how-to-best-mitigate-severe-weather-risks

Let’s look at how to get the most out of your Product Security Incident Response Team (PSIRT) investment.

https://www.securitymagazine.com/articles/96760-peacetime-psirt-activities-boost-security

As retailers prepare for one of the busiest times of the year, let’s discuss some of the challenges and priorities to consider now to manage the evolving cybersecurity landscape ahead of the holidays.

https://www.securitymagazine.com/articles/96759-5-tips-for-a-stronger-cybersecurity-posture-for-retailers

Luxembourg Airport will increase security at their border control system by adding a pre-registration option, mobile screening and biometric identity management. Read more about the entry-exit system from Veridos in this case study.

https://www.securitymagazine.com/articles/96758-biometrics-and-pre-registration-added-to-luxembourg-airport-border-control

As many have seen, the Log4Shell vulnerability, which was discovered over the weekend, is an extremely serious flaw and will likely impact organizations for years to come. Here’s what we know thus far, and how enterprises can remain safe as this vulnerability persists.

https://www.securitymagazine.com/articles/96754-key-takeaways-from-the-log4shell-vulnerability

The Chief Information Security Officer (CISO) role has evolved greatly since its inception in 1995. Review the pros and cons of different CISO reporting models when it comes to business resilience and cybersecurity.

https://www.securitymagazine.com/articles/96755-does-the-ciso-belong-on-the-c-suite

Cloud migration, occupancy tracking and video analytics are all top-of-mind technologies for security leaders looking forward to 2022, according to year-end predictions from Genetec.

https://www.securitymagazine.com/articles/96752-occupancy-monitoring-and-supply-chain-risks-remain-concerns-in-2022

Albert King, the Chief Data Officer of the Scottish Government, discussed the key aspects involved in Scotland’s artificial intelligence (AI) strategy in a session of Cognilytica’s AI in Government speaker series. The country prioritizes data as a means to improve decision-making and enable national goals.

https://www.securitymagazine.com/articles/96746-the-4-tenets-of-scottish-ai-adoption

Cybersecurity leaders are concerned that attackers could further weaponize the Log4j security vulnerability by creating a “worm” that spreads automatically from one vulnerable device to another.

https://www.securitymagazine.com/articles/96745-log4j-worm-fears-arise

A Vulcan Cyber study highlights the struggle of IT security teams to transition from simple vulnerability identification to meaningful response and mitigation, limiting the risk insights business leaders and IT management professionals need to effectively protect valuable business assets.

https://www.securitymagazine.com/articles/96744-most-risk-based-vulnerability-management-programs-ineffective

Lookout Threat Labs researchers have discovered a distribution of the Anubis Android banking malware that is masquerading as the official account management application from Orange S.A., a leading French telecommunications company.

https://www.securitymagazine.com/articles/96729-anubis-campaign-targets-hundred-of-financial-apps