In his latest rant, Ian Keller, the Troublemaker CISO, decries lazy and bad coding practices, mistakes CISOs may make and unwarranted CISO-blaming by the media, unanswered requests for more funding and staff - and the epic failures all these can produce when a breach happens, as it inevitably will.
Microsoft upgraded a vulnerability first discovered in September to "critical" after IBM Security researchers discovered attackers could exploit the flaw to remotely execute code. The latest code execution bug has a broader scope and could affect a wider range of Windows systems than EternalBlue.
Malware analysis and sandboxing solutions traditionally have been bound to operating systems and file types, but file types in the critical infrastructure world are different. Critical infrastructure cannot rely on standard malware analysis tools given the unique operating systems used in the space.
Epic Games, maker of Fortnite, will pay $520 million to the U.S. government to settle allegations it violated children's privacy and charged credit cards without authorization. Epic said its previous practices adhered to "long-standing industry practices" but that "the old status quo" has changed.
More than a quarter million Medicare beneficiaries will be issued new Medicare cards and identifiers following a ransomware attack on a government contractor compromising a range of sensitive personal and health information.
The latest edition of the ISMG Security Report discusses how investigators saw the collapse of cryptocurrency exchange FTX as "one of the biggest financial frauds in American history," how CISOs can guard against their own liability, and major security and privacy shifts and the outlook for 2023.
After years of digital transformation, cloud migration and deployment of hybrid workforces, enterprises have more endpoints than ever, which makes it important to take endpoint security to a whole new level. Pat Correia of Cisco Security shares five tips for choosing endpoint security.
Experiencing an attack is only a matter of time. Most organizations are unaware when a breach is made, and threats go undetected for months at a time due to a global lack of visibility, especially when it concerns endpoints. But there are X5 firewall practices to prevent a data breach.
Staying one step ahead of both threat actors and competitors is a tall task for Palo Alto Networks given the breadth of its cybersecurity portfolio. Palo Alto Networks has committed to having best of breed features and functionality in each of the technology categories where it chooses to play.
As the world looks into adapting 5G and studying 6G, satellite IoT is opening a new front for connectivity. There will be a demand for more LEO-based satellites for low-power communication, and these satellites will require completely new kinds of security, says Krishnamurthy Rajesh of GreyOrange.
Apple is advancing plans to allow Europeans to access third-party app stores via their iPhone and iPad, as will soon be required under European law. What this means in practice for its vaunted walled garden security model, and whether most users will bother, remains unclear.
A California dental practice that for years revealed patient data on Yelp must stop doing so and pay federal regulators a $23,000 fine. New Vision Dental, owned by Dr. Brandon Au, must also delete social media posts and send breach notification letters to affected patients.
Microsoft's last monthly dump of patches for 2022 includes a fix for a zero-day exploited by ransomware hackers to bypass the SmartScreen security mechanism for malware execution. The zero-day hinged on hackers creating a malformed Authenticode signature.
To get zero trust strategy right, it is important to know what exactly to protect and decide what your crown jewels are. Three panelists discuss the various ways to do that and also offer their thoughts on whether zero trust is need for everything.
When healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and chief privacy officer at Boston-based Mass General Brigham.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.