Implementing trusted digital IDs will create benefits for end users as well as service providers, says Nick Mothershaw, chair and executive director at the Open Identity Exchange. But widespread international adoption of such IDs will take time to achieve, he acknowledges.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
The COVID-19 pandemic has introduced new risks for enterprises as employees access corporate networks and applications from home. Sudip Banerjee of Zscaler says that cloud security solutions offer advantages over VPNs.
Since the start of the COVID-19 pandemic, the number of brute-force attacks targeting RDP connections has steadily increased, spiking to 100,000 incidents per day in April and May, according to the security firm ESET. These attacks pave the way for launching ransomware attacks and planting cryptominers.
Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors. The results are encouraging, and the country's program could serve as a model for other nations aiming to avoid large-scale IoT security problems.
A recently uncovered cryptomining scheme used malicious Docker images to hide cryptocurrency mining code, according to an analysis from Palo Alto Networks' Unit 42.
A man from the state of Washington has been sentenced to 13 months in federal prison for his role in developing the Satori botnet, which was used to conduct several large-scale DDoS attacks. The Justice Department also unsealed indictments naming co-conspirators.
This edition of the ISMG Security Report analyzes whether IoT devices will outlive their security updates. Also featured: Why security spending needs to shift further upstream; could banks be custodians of identity?
A massive DDoS attack generating 809 million packets per second was recently directed against a large European bank, according to the security firm Akamai, which describes in a new report the unusual approach the attackers took.
In this new era, every enterprise is suddenly "cloud first." But there are significant data security gaps to avoid before putting critical data in the cloud. Imperva's Terry Ray shares strategies to maximize simplicity and regulatory compliance.
Compromised Credentials Monitoring (CCM) allows users to monitor exposure of compromised credentials for their enterprise domains and customer email addresses to take action after breaches to mitigate risk of account takeover (ATO). Flashpoint's advanced technology quickly collects and processes data and credentials,...
The thriving cybercrime economy of vendors hawking illicit offerings on underground marketplaces grants access to resources that reduce barriers to entry for crimes ranging from fraud to DDoS attacks.
Pricing trends for these offerings shed light not only on their accessibility to threat actors, but also on how...
It's a good time to be a CISO. You have the board's attention, and now you can use your position to ensure appropriate resources to tackle key challenges such as identity & access, cloud application security and third-party risk. Expel CISO Bruce Potter discusses how best to influence these decisions.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.
Many ransomware gangs hell-bent on seeing a criminal payday have now added data exfiltration to their shakedown arsenal. Gangs' extortion play: Pay us, or we'll dump stolen data. One massive takeaway is that increasingly, ransomware outbreaks also are data breaches, thus triggering breach notification rules.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
