CISOs are gaining additional discretionary powers to make risk-based decisions, especially as organizations implement the ISO 27035-3 incident response standard, says Khawaja Mohammad Ali, CISO of a large federal bank in Pakistan.
Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king. As the pandemic has reshaped how many live and work, so too has it driven attackers to attempt to exploit work-at-home challenges and virus fears.
U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
Will recent U.S. indictments of several alleged Iranian hackers - as well as government sanctions against an APT group - have a deterrent effect? Security experts share their opinions on the impact of these actions.
Foreign and domestic hacking activity targeting NASA continues to grow at a time when many staffers are working at home, space agency officials testified at a Friday Congressional hearing where they were questioned about risk mitigation efforts.
Hackers compromised the network of Saudi Arabia's Virgin Mobile KSA, gained email system access and offered stolen data for sale on the dark web. According to a source with knowledge of the attack, the incident - remediated late last week - is one of a string of attacks against organizations in the Middle East.
A hacking group targeting Iranian dissidents has developed malware that can bypass two-factor authentication protection on Android devices to steal passwords, according to Check Point Research. The hackers have also targeted victims' Telegram accounts.
The posting on Russian underground forums of source code for the Android mobile banking Trojan Cerberus has led to an increase in attacks as well as updates to the malware, the security firm Kaspersky reports.
An organization has successfully implemented a "zero trust" framework when it can achieve context-aware resolution of a risk, says Dr. Siva Sivasubramanian, CISO of SingTel Optus, an Australian telecommunications firm.
Empire is the latest darknet market to "exit scam," meaning administrators ran away with users' cryptocurrency, leaving the market to fail. Given the ongoing risk of exit scams, as well as police often targeting such markets, why do they persist?
Check Point Research analysts have observed a significant rise in online attacks against the educational sector worldwide since July. DDoS attacks have surged in the U.S., while European institutions have been hit by ransomware.
Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit. The malware is being used to launch DDoS attacks as well as mine for cryptocurrency.
The U.S. Commerce Department is banning the downloading and hosting of China-based social media apps TikTok and WeChat effective on Sunday, citing national security concerns. The announcement comes as Oracle continues to negotiate a deal for partnering on TikTok's U.S. operations.
The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.
A Secure and Resilient Cybersecurity Infrastructure Is Key to Mitigating Cyber Attacks
As we have been reminded in 2020, standard hygienic practices are crucial to combating viruses like COVID-19. The same is true in cybersecurity, everyone must practice basic security hygiene to boost their defenses against...