Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Every day needs to be password security day - attackers certainly aren't dormant the other 364 days of the year. But as World Password Day rolls around again, there's cause for celebration as Microsoft finally stops recommending periodic password changes.
How far does an organization's risk surface extend, and who are the custodians of all that data? A new research report aims to answer those questions. In a joint interview, Kelly White, of RiskRecon and Wade Baker of the Cyentia Institute offer an analysis.
Fraud, e-hustles and social engineering attacks continues to proliferate, the FBI's latest report into the state of internet crime confirms. But over the past year, a new FBI tactic for quickly stopping fraudulent wire transfers has notched notable successes.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
In just five years' time, the public cloud security conversation has changed dramatically, says Matt Chiodi of Palo Alto Networks. But security leaders still struggle with visibility and compliance.
Business perimeters are becoming far more difficult to secure in the age of multicloud. Laurence Pitt of Juniper Networks discusses security strategies for the new era.
Organizations may have great cybersecurity intentions, but translating those desires into a robust security reality is often challenging, says Ratinder Ahuja, CEO of ShieldX Networks. That's why he advocates automation to ensure intention equals reality.
Greg Jensen of Oracle Security discusses highlights of the Cloud Threat Report, prepared in partnership with KPMG, and why shared responsibility is now a primary focus.
In an exclusive interview, IBM Security GM Mary O'Brien talks with ISMG about her first year in this role, addressing the skills crisis, application security, the cloud and how to defend against cyberattacks.
If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. And a review by Redscan of cybersecurity incidents reported to Britain's privacy regulator before GDPR took effect confirms it.
Too many organizations continue to approach security with a "perimeter defense" mindset despite enterprise networks long having moved past on-premises data centers to myriad cloud services, says Ajay Arora of Vera Security.
CISOs need to work with partners in other departments to help ensure the success of major security projects, says John Pescatore, the director of the SANS Institute, who spoke at RSA Conference 2019.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.