Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.
Who in the world could have attempted to mess with this past weekend's presidential election in France via a well-timed dump of campaign documents and communications from the campaign of Emmanuel Macron? Security experts say all evidence points to the usual suspect: Russian hackers.
Reporting software vulnerabilities can be legally dicey, particularly if the affected company has not previously had contact with computer security researchers. A Sydney consultant recently experienced both ends of the spectrum while investigating building management software.
The UAE Banks Federation, which has 49 member banks, has launched the Cyber Threat Intelligence Initiative 2017 to create an information sharing platform in an attempt to better detect and respond to cyberattacks. But are these banks ready to share information or report breaches?
The critical Active Management Technology flaw in many Intel chipsets' firmware can be remotely exploited using any password - or even no password at all - to gain full access to a system, security researchers warn. Numerous systems and even ATMs will require forthcoming firmware fixes.
The latest draft version of the Trump administration's cybersecurity executive order is similar to the previous version and lays out a plan to secure U.S. federal government and critical infrastructure IT that could have come out of the Obama White House.
With an aim to safeguard capital markets from cyberattacks, the Securities and Exchange Board of India has set up a committee on cybersecurity to provide guidance. But some security practitioners stress that the panel will prove effective only if its recommendations are actually carried out.
The Department of Homeland Security is warning IT service providers, healthcare organizations and three other business sectors about a sophisticated cyberattack campaign that involves using stolen administrative credentials and implanting malware on critical systems.
CISOs are increasingly being asked by management and boards to predict what the cost of a breach or cyber incident might be. But most still need to develop good predictive metrics, says Benjamin Dean, president of Iconoclast Tech.
In his world travels, Steve Durbin of the Information Security Forum sees the global cybersecurity industry coming of age. But he also sees the steady maturation of cybercriminals and their schemes. How can organizations best counter the changing threat landscape?
Security practitioners are debating the role deception technologies can play in a security strategy. But how does the latest technology actually work? Sahir Hidayatullah, CEO and co-founder of Smokescreen Technologies, offers some insights.
Score another one for social engineering: A phishing campaign used a bogus "Google Docs" app to trick people into surrendering full access to their Google accounts and contacts. Before Google squashed the campaign, up to 1 million of its users may have fallen victim.
Here are five cyber-related takeaways from FBI Director James Comey's testimony before the Senate Judiciary Committee, including his rationale on notifying Congress of his decision to reopen the probe of Hillary Clinton's use of a private email server and steps the bureau is taking to defend against the insider threat.