Microsoft blamed an internal network configuration change for outages that disrupted access to Microsoft 365 services, including Microsoft Teams and Outlook, for users around the world. The change has been rolled back and additional infrastructure added to speed restoration, it says.
How does a CISO map his goals to the security investments made by a company long before he came onboard? How can you balance the short-term and long-terms goals at a new organization? Aditya Vardhan, CISO of Jindal Power & Steel, shares his insights on ensuring a smooth transition.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
There are many questions about the security aspects of the Central Bank Digital Currency, or CBDC, and how it will be deployed. Dr. N Narayanan Rajendran, chief digital officer of the Multi Commodity Exchange of India, shares his views on the road ahead with CBDC.
Posing as leading banks, the North Korea-backed BlueNoroff group is evading Microsoft Windows' Mark of the Web security measure to help infect machines with malware. Hackers are refining their techniques for bypassing MOTW, which warns users when they try to open a file downloaded from the internet.
A North Korean state-sponsored APT group targeted nearly 900 foreign policy experts from South Korea to steal their personal data and carry out ransomware attacks. Targeted individuals mainly had backgrounds in diplomacy, defense and security and were working toward Korean unification.
In the next three years, CISOs face daunting challenges, including rapidly changing threat vectors, new APT attacks and the implementation of new defensive solutions, says Anuprita Daga, chief information security officer and chief data protection officer at Yes Bank.
What does the latest version of India's data protection bill mean for CISOs, and what impact does it have on security practitioners? Khushbu Jain, advocate, of the Supreme Court of India, shares some of the fine print in the draft legislation and discusses some changes that CISOs may need to make.
Software life cycle management has always been part of the development team, but organizations are now looking to extend the process beyond the development team to manage the entire supply chain, says Nahas Mohammed, regional sales director at GitHub India.
DevSecOps is about security enablement at every stage within the organization - the people, process and technology. To begin the DevSecOps journey, organizations should enable and empower technology teams to think about secure design first, says GitHub's Hatim Matiwala.
Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.
Bad actors, both external and internal, can steal and manipulate data during file transfer, as most firms don't have end-to-end encryption in place. Raghunandan Kaushik, regional sales director for India and SAARC at Fortra, discusses security blind spots and best practices to address these gaps.
Why is credential stuffing hard to solve? Are weak passwords the only reason behind credential stuffing attacks? Experts Sanjay Singh, head of DevSecOps at Games24x7, and Navaneethan M., CISO at Groww, explain how geo-based authentication, user behavior analytics and monitoring can detect breaches.
As the banking sector undergoes digital transformation, the future of banking requires both securing transactions and building cyber resiliency through consistent cyber drills and creating a private network for secure financial transaction, says professor D. Janakiram, director of IDRBT.
Some organizations struggle with deciding whether to add an XDR framework to the existing threat detection and response layer, but a good analysis engine can simplify the process of processing data from multiple sources, according to SentinelOne's Vats Srivatsan and Diwakar Dayal.