A vulnerability that can impede the boot-loading process of an operating system could potentially affect billions of Linux and Windows machines, according to Eclypsium. The flaw, called "BootHole," could enable an attacker to gain near total control of an infected device.
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
The Threat Intelligence Spotlight: Hunting Evasive Malware report draws on data gathered from the 650-plus organizations that eSentire protects and VMware Carbon Black's extensive endpoint protection install base.
A global pandemic, distributed workforces and rapid migration to more cloud services have altered...
Suddenly, onboarding, servicing and securing digital accounts with advanced authentication techniques isn't just a priority for global enterprises; it is the priority. Dean Stevenson of HID Global previews an upcoming virtual roundtable discussion.
The clear message from this year's Global Password Security Report is businesses still have a lot of work to do in the areas of password and access security.
Businesses are increasing their use of important security measures like multifactor authentication - but unfortunately employees still have poor password...
Outsourcing your endpoint protection can deliver positive returns by improving operational efficiency and minimizing risk, but it's not always easy to prove the business case.
This guide delivers specific direction on how to calculate savings in the context of your organization's risk while accounting for size and...
Garmin has acknowledged that a hack attack that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. As of Monday, several affected services were again operating.
Trend Micro says it has seen increasing attempts to infect home routers for use as proxies and for DDoS attacks. The battle is primarily being fought by three bot families - Mirai, Qbot and Kaiten - that enable low-level fraudsters to hide their activity.
Similar to the early cloud adoption challenges of shadow IT, unknown and unauthorized IoT devices are now being deployed in the enterprise, introducing a new attack surface. Often times, these devices are deployed by various lines of business with little regard to cybersecurity risk and without coordination or...
The rapid pace of change for the the industrial internet of things will open up new risks for attacks and will require close attention to security, according to a new study from the Lloyd's Register Foundation.
Fast charging is a blessing, but there's a downside: The firmware running on some chargers can be maliciously modified. Researchers say chargers can be hacked to deliver more electricity than a device can handle.
Cybercriminals are exploiting and using weak IoT devices in new ways, including as proxies for e-commerce fraud, says Allison Nixon of Unit 221b, who predicts that the next mass attack on the scale of Mirai will likely be way worse.
The number of new in-branch account openings was already on a sharp decline before the COVID-19 pandemic. Now, the shift to digital onboarding is full-bore.
For banks, it's not enough to simply try to clone the in-branch experience and "move it online." Instead, banks must consider how technology can optimize and...
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.