The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
Microsoft collaborated with cybersecurity companies and government agencies to take down the million-device Trickbot botnet in an effort to help protect the Nov. 3 U.S. election and stop the global spread of ransomware and other malware.
Two types of autopilot systems can be tricked into reacting after seeing split-second images, according to new research into autonomous vehicles. Although this could pose a risk, deep-learning software could keep the systems from being tricked.
Steve Jobs once said: "Marketing is about values." But how well is the cybersecurity solutions message being received amid the convergence of pandemic and economic strains? We brought an outspoken group of CMOs and CISOs together to discuss the topic.
Microsoft's IoT platform, Azure Sphere, which launched in February, is the company's bet to address the growing security and management problems around connected devices. A three-month bug bounty program for the platform resulted in resolving a number of vulnerabilities and awarding $374,000 in bounties.
Ransomware has emerged as the No. 1 online threat targeting public and private organizations this year. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware." Meanwhile, many victims fail to report such crimes to police.
Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
The Reserve Bank of India's "New Umbrella Entity" initiative, designed to support a digital retail payments system similar to National Payments Corp. of India, would be a game-changer to boost digital innovation in the payments industry, according to a panel of experts.
Organizations around the world must build stronger cyber resilience programs to help ensure they can bounce back from cyberattacks, says Craig Rice, group director of cyber resilience at Aviva, a British multinational insurance firm, who describes how regulatory requirements will evolve.
Eight months after Microsoft issued a critical security update fixing a remote code execution flaw in Exchange Server, more than half of these mail servers in use remain vulnerable to exploits, according to the security firm Rapid7.
As Universal Health Services continues to recover from an apparent ransomware incident last weekend that affected system access for hundreds of its facilities, security experts say others can learn important lessons from the company's experience.
Blackbaud, a provider of cloud-based marketing, fundraising and customer relationship management software, now acknowledges that a ransomware attack in May could have exposed much more PII - including banking details - than the company initially believed, according to an SEC filing.
Microsoft has issued additional instructions on how to better implement a patch to fix an elevation of privilege vulnerability called Zerologon in Windows Server that affects the Netlogon Remote Protocol. The update comes as Cisco Talos researchers report a spike in attempts to exploit the flaw.
Microsoft and the Cybersecurity and Infrastructure Security Agency have issued warnings that a critical vulnerability in Windows Server dubbed "Zerologon" is being actively exploited in the wild. They urge users to immediately apply an available partial patch.