The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
Cloud maturity and confidence are growing, but security leaders are still reluctant to host highly sensitive data in the cloud. These are findings of a new Barracuda Networks survey. Chris Hill and Gemma Allen of Barracuda explore the results and what they mean.
Whether security testing is driven by compliance or as part of standard security resiliency testing, it is a vital component of an organization's defenses, especially in today's era of high-profile breaches.
Download this whitepaper to learn more about:
The role of deception in security testing
Examples of Red Team...
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
Hackers have been increasingly probing the North American power grid for weaknesses, but the industry - driven in part by regulators - is increasingly able to identify and repel attackers, industrial cybersecurity experts say.
Is it possible that a nation-state actor such as Iran could create a cybersecurity incident that compromises the U.S. power grid? Bernie Cowens, most recently CISO at the nation's largest electric utility, says that's unlikely because the power grid is more cybersecure than you might think.
The latest edition of the ISMG Security Report discusses "Orwellian" surveillance activity in 2020 via the ToTok app. Also featured: the controversy over enabling law enforcement to circumvent encryption; the cyberattack risks posed by IoT devices.
The security company Check Point has revealed several vulnerabilities in TikTok, the popular Chinese video app that has raised concerns lately from the U.S. military and lawmakers. The issues are fixed, and TikTok says it doesn't appear the issues were exploited for a breach.
Nearly 16,000 malware-infected MicroTik routers in Southeast Asia have been scrubbed of Coinhive cryptojacking code, which mines for monero, thanks to an international police operation. Globally, however, 26,000 MicroTik routers reportedly remain infected with the stealth monero-mining code.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
Following the U.S. killing of Iran's Maj. Gen. Qasem Soleimani last week, security experts have warned of possible retaliatory cyber strikes. Tom Kellermann of VMware believes those attacks are imminent. "The period of mourning is over, and I think the holy war in American cyberspace is yet to begin."
From past roles at the Department of Justice, Department of Homeland Security, Microsoft and Sony, Phil Reitinger has learned more than a thing or two about nation-states and cyber threats. In this exclusive interview, the head of the Global Cyber Alliance discusses how to respond to potential new threats from Iran.