Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
The rollout of EMV in the U.S. has transformed the card fraud landscape, with a major shift to online channels, says Shamoun Siddiqui, CISO at retailer Neiman Marcus.
Incident response plans must be carefully designed to meet the needs of a specific organization, says attorney Ron Raether, who outlines important legal considerations.
A coherent risk analysis program tailored to the organization is a vital component of any effort to improve cybersecurity and meet regulatory requirements, says attorney Shawn Tuma.
Critical infrastructure, including electricity grids and telecommunications networks, is under attack. Optiv's Brian Wrozek discusses the challenges CISOs face in dealing with increasingly connected industrial devices.
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
Payments are getting faster, and so is payments fraud. A robust fraud management strategy focusing on strong authentication, customer education and scalable responses can be instrumental in minimizing payment fraud risk.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining the virtual currency monero, a researcher says. At least 400 websites have been infected, and the total number is likely far higher, security experts warn.
The security industry is heavily reliant on old models that are breaking down, and trying to contort old tools to meet the needs of the new hybrid environment is difficult, says Leo Taddeo of Cyxtera.
Why do organizations need to take a top-down, risk-based approach to security? Sheetal Mehta of Wipro offers insights on optimizing security investments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.