Several recent ransomware attacks, including those involving Ryuk and Egregor, have used a commodity malware variant called SystemBC as a backdoor, according to Sophos.
The shortage of trained cybersecurity workers has substantially declined this year as many more individuals entered the field, says Clar Rosso, CEO of (ISC)², the U.S.-based nonprofit association that offers training to cybersecurity professionals.
Secure Code Warrior's Director of the Americas, Stephen Allor, hosts a webinar with Russ Wolfe of Capital One, in which they discuss the cybersecurity landscape in the BFSI sector.
They reveal why financial institutions are the new innovators when it comes to rolling out new initiatives, tools and training in the...
Waterfall, Agile, DevOps... it seems that every few years, a new methodology is born for optimum software creation within an organization. While these processes all have their strengths and weaknesses, the streamlining (and, er, previously absent red tape) they bring can feel like somewhat of a hindrance to the main...
In 2011, Sam Curry headed the response team for RSA's then-landmark breach. Today, as CSO at Cybereason, he looks at the SolarWinds supply chain attack and sees similarities - but also is struck by "the scale, the scope, the subtlety" of the incident.
Managing third-party risks is a key factor in maintaining business continuity, says Gaurav Mahendru, solutions architect, security and risk, at ServiceNow, who offers tips.
As we near the end of one year of living with COVID-19, the pandemic is creating new U.S. daily records for infections, hospitalizations and deaths. "The whole country is on fire," says pandemic expert Regina Phelps.
An evolving workplace, greater reliance on IoT and the cloud, and already we have seen the new face of supply chain attacks. This is the backdrop for 2021, and Imperva's Brian Anderson offers insights into the cyber-attack outlook.
Philip Reitinger has held senior cybersecurity leadership roles in both the public and private sectors. He's seen big breaches. And he says what he sees so far in the SolarWinds attack may be just the "tip of the iceberg" in terms of government and business entities that have been compromised.
Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
For the first time, a U.S. technology firm has been fined under the EU's General Data Protection Regulation. Ireland's Data Protection Commission on Tuesday hit social media giant Twitter with a $547,000 fine for failing to report and document a data breach within 72 hours, as required under GDPR.
To improve compliance efforts, organizations can turn to a number of technologies, including data analytics. Two experts share their views on making the most of automation and integration tools.
A new Python-based information-stealing Trojan dubbed "PyMicropsia" is linked to a hacking group called AridViper, which is active mainly in the Middle East, according to Palo Alto Networks' Unit 42.
Security teams must explain to business leaders how customer identity and access management can help with customer retention, says cybercrime and fraud expert Lenny Gusel.
Vulnerability management is vulnerable. This year's transformation has revealed new gaps in processes and tools, inspiring a new evolution to the discipline of Vulnerability Management, Detection and Response. Mehul Revankar of Qualys discusses VMDR and how to embrace it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.