Researchers from the security firm Eclypsium have identified 40 poorly designed drivers from 20 hardware and BIOS vendors that can give attackers numerous way to hack into various versions of Windows.
An important component of building an effective cybersecurity strategy is to understand the mindset of attackers, says IBM Security's Etay Maor, who offers insights.
Big data analytics can help security professionals stay ahead of emerging challenges in a rapidly changing threat landscape, says Splunk's Haiyan Song.
The velocity of change at large corporations has made traditional IT security methods inadequate, but cloud-based solutions can play an important role, says Aaron Mog of RiskIQ.
Threat actors are increasingly targeting the APAC region for payment card fraud, according to a report from Gemini Advisory. For example, a group of hackers recently stole information on more than 1 million credit cards in South Korea. What can be done to stop the fraud?
More than two months after Microsoft issued the first warnings about the BlueKeep vulnerability, many enterprises have a spotty record when it comes to patching for this particularly worrisome flaw, new research from SecurityScorecard finds. Financial services companies have fared better than those in other sectors.
A new variant of the Ursnif Trojan is targeting vulnerable systems in an attempt to steal banking passwords and other credentials. The malware is spreading through infected Microsoft Word documents, and it has the ability to evade advanced security filters, according to security researchers at Fortinet.
Broadcom says it plans to acquire Symantec's enterprise security business for $10.7 billion in cash. The deal relieves Symantec of a business line where it faced aggressive competition. For Broadcom, it means gaining well-developed security offerings as it seeks to grow its infrastructure business.
Security practitioners must go beyond buzzwords, such as threat hunting, "and translate it into implementation effectiveness - controls that really sustain over a period of time," says Ashish Thapar of Verizon Enterprise Solutions, who offers an assessment of the cybersecurity threat landscape in the APAC region.
Developing robust and resilient machine learning models requires diversity in the teams working on the models as well as in the datasets used to train the models, says Microsoft's Diana Kelley.
Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices.
The Monetary Authority of Singapore, the nation's central bank, has mandated that financial institutions comply with risk management guidelines within the next 12 months in an effort to strengthen the cyber resilience of these organizations.
Australia's fair trading regulator says it's seeking penalties against HealthEngine, an online platform for booking medical appointments, for allegedly selling patient details to private health insurance brokers without disclosure and embellishing patient reviews of healthcare providers.
Since it was first spotted in January, the Baldr credential stealer has spread from Russian underground forums throughout the global gaming industry as cybercriminals look to harvest IDs as well as payment information from victims, according to a new analysis from Sophos Labs.
A little over a week after a breach at Capital One was revealed, more U.S. lawmakers are raising questions about what happened at the bank, including what role, if any, Amazon may have played in opening the door to the intrusion.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.