The network is much more than just the sum of its endpoints, and the imperative to secure everything has led to detection and response emerging as a top priority for many organizations, says Chris Morales of Vectra Networks.
At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest.
Four business sectors - hospitals, banks, securities firms and market infrastructure providers - potentially face the most significant financial impact from cyberattacks that could lead to a weakened credit profile, according to a new report from Moody's Investors Service.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Ireland's privacy watchdog has its eye on Facebook. Ten of the 15 major investigations that the Data Protection Commission launched since the EU's tough new privacy law, GDPR, went into full effect in May 2018 are focused on Facebook.
An "authorized third party" exposed a Dow Jones database with more than 2.4 million records of risky businesses and individuals on a public server without password protection. The incident points to the importance of proper vendor risk management, security experts say.
Windows, MacOS and Linux operating systems don't sufficiently protect memory, making it possible for a fake network card to sniff banking credentials, encryption keys and private files, according to new research. Fixes are in the pipeline, but caution should be used before connecting to peripherals in public areas.
Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories. Is the social media giant merely conducting a public relations exercise?
Every threat hunt starts with intelligence. As one of the industry's most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.
Technology organizations say Australia's anti-encryption law passed in December 2018 is already undermining trust in their local operations. The comments come as a Senate committee is reviewing the law - passed in a hurry in December - to consider whether to amend it.
Driven by Marriott's Starwood mega-breach, California lawmakers are pushing legislation that would expand the state's pioneering data breach notification requirements to include breaches of biometric data and all types of government identification numbers, including passports.
Why are we surprised about the amount and sensitivity of data that mobile apps collect? The online industry has never been forthright about it. That's why we're faced with a yawning gap between user expectations and true privacy. And it's why Facebook, Google, Apple and others have many questions to answer.
The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.