The key to prioritizing which risk alerts require immediate action is knowing what your most valuable assets are, says Angelo G. Longo, U.S. information security officer for BetMGM, an online sports betting and gaming entertainment company.
A remote code vulnerability in the Android version of the file-sharing app SHAREit could allow hackers to tamper with the app's permissions, enabling them to steal sensitive data, reports security firm Trend Micro.
Mike Hamilton, founder and CISO of CI Security, followed an unusual path that led him to a career in cybersecurity. He says those who, like him, lack a formal education in security can build successful CISO careers.
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
Her title says "information security," but Radian CISO Donna Ross considers herself more of a security risk officer. It's an important distinction that drives her approach to technology, leadership and communicating with senior leadership.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Siemens has mitigated 21 vulnerabilities in two of its virtualization software tools that, if exploited, could enable attackers to gain remote control, exfiltrate data or cause systems to crash. It's urging customers to shift to updated versions of the software that fix the flaws.
The Biden administration has appointed Anne Neuberger, the deputy national security adviser for cyber and emerging technology, to coordinate the investigation into the cyberattack that targeted SolarWinds and other organizations, following criticism from two senators that the probe has lacked coordination.
Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Glauco Sampaio comes from a technology background. But as CISO as well as privacy and fraud prevention officer at Cielo, a Brazilian payment card processor, he focuses on how to marry technology with business risk - and how to share his vision with business executives.
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
The developers of LodaRAT malware, which has previously only targeted Windows devices, have developed a new variant, Loda4Android, that targets Android devices, according to Cisco Talos.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
Three CISOs offer real-world insights on addressing the challenges involved in implementing a "zero trust" framework to enhance security in an era when so many remote employees are accessing applications and data in the cloud as well as within internal networks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.