Significant security events have many techniques in common, says Chris Hallenbeck of Tanium, who describes why security hygiene improvement, especially patch management, is so essential.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords. The exploits come despite both vendors having released patches several months ago - Pulse Secure in April, Fortinet in May.
Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says.
Government agencies and private sector organizations around the world are experimenting with the use of blockchain to help manage digital identity. Here are three examples of pioneering efforts in the U.S., Canada and India.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
U.K. authorities are attempting to seize more than $1.1 million in cryptocurrency from a notorious British hacker who carried out attacks that targeted more than 100 companies over a two-year period, according to the Metropolitan Police Service. The currency will be sold, with proceeds used to compensate victims.
With cybersecurity teams increasingly overworked and understaffed, organizations must prioritize more intelligent approaches to automating mundane tasks and freeing experts to focus on high-impact tasks, says Franklyn Jones of Cequence Security.
The latest digital identity capabilities and fraud-fighting technologies, including greater use of machine learning and threat intelligence, enable organizations to take a bigger bite out of cybercrime, says Shaked Vax of IBM Security's Trusteer.
India's Supreme Court has agreed to consider social media giant Facebook's request that the apex court review cases now pending before several state high courts regarding linking social media profiles to Aadhaar numbers in an effort to help curb the spread of fake news.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
Eighty suspects, most of them Nigerian nationals, have been indicted on charges of running global business email compromise and romance scams that led to millions of dollars in fraud and allegedly involved a complex money-laundering operation.
VMware is acquiring cloud security firm Carbon Black in a $2.1 billion cash deal to bolster the virtualization giant's security portfolio. It's also acquiring Pivotal, a company that focuses on helping its customers build applications in the cloud as well as through new technologies such as containers.
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.