Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
The head of the NSA's Cybersecurity Threat Operations Center says attackers haven't bothered targeting unclassified U.S. Defense Department networks with a zero-day exploit in 24 months. Instead, they attempt to exploit flaws within 24 hours of information of the vulnerability or exploit going public.
The Swiss government says that online attackers used a variant of "Turla" malware - previously tied to campaigns with suspected Russian intelligence ties - to steal at least 23 GB of sensitive information from state-owned defense firm RUAG.
Backed by its own logo, Badlock refers to a set of critical Samba vulnerabilities in Windows and most Unix/Linux operating systems, which attackers could exploit to launch man-in-the-middle attacks against corporate networks.
It's been a half-year now since Art Gilliland stepped into the role of CEO at startup security company Skyport Systems. What lessons has he learned from the marketplace, and where does he expect Skyport to make its mark? Find out in this video interview.
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
As major cloud vendors, including Salesforce, integrate identity and access management features into their platforms, security professionals must size up the role that stand-alone IAM systems will play in the long run.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."
Well, it is good to finally have a number to go along with the Heartland Payment Systems data breach, and even better that three hackers have been indicted for the crime. Albert Gonzalez, a 28- year-old identified as the lead hacker, faces up to 25 years in prison and a $250,000 fine if convicted.
Identity and access management (IAM) deals with how users within an organization are given an identity - and how it is protected, including saving critical applications, data and systems from unauthorized access while managing the identities and access rights of people both inside and outside the...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.