The U.S. Federal Communications Commission estimates the total cost for smaller and rural telecom carriers to rip and replace Huawei and ZTE gear from their networks to enhance national security will be over $1.8 billion.
Several cities in the Netherlands have installed IoT traffic lights. But researcher Rik van Duijn says his team found security problems that could enable attackers to remotely trigger the lights.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
The latest edition of the ISMG Security Report features a discusssion with Equifax CISO, Jamil Farshchi, on the lessons learned from the credit reporting firm's massive data breach three years ago. Also featured: Australians' driver's licenses leaked; privileged access management tips.
Federal regulators are reminding healthcare organizations about the importance of accurate IT asset inventory management to help reduce breach risk. Regulators have also beefed up a HIPAA guidance portal for mobile app developers.
In application security testing, Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) are prominent techniques. However, Interactive Application Security Testing (IAST) is a promising new entrant in AST, helping to dramatically reduce false positives. This white paper provides a...
A $5 million lawsuit seeking class action status has been filed against Morgan Stanley, claiming the financial organization failed to properly safeguard personally identifiable information when the company discarded old computer equipment.
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Warning: Hackers are actively attempting to exploit two zero-day flaws in the IOS XR Cisco operating system that runs its carrier-grade routers. Cisco has described ways to partially mitigate the vulnerabilities while it preps patches.
Kubernetes has emerged as the de-facto standard for orchestrating containerized applications. While Kubernetes abstracts away many complexities, it also introduces new operational and monitoring challenges. In fact, the latest CNCF survey cites monitoring as one of the biggest challenges in adopting...
Despite rapid and widespread deployment, APIs remain poorly protected and automated threats are mounting. Personally identifiable information (PII), payment card details and business-critical services are at risk due to bot attacks.
Download this whitepaper to learn more about:
Symptoms of bot attacks on APIs
Key...
Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.
In the face of growing cybersecurity threats, it is increasingly important to measure the cost and concentration of "exposure." Having an accurate view of the resilience of organizations and industries against cyber-attacks can help target efforts to reduce exposure to the sectors that need it most and enhance...
"Transparent Tribe," a hacking group that targets military and diplomatic organizations, has updated its Crimson remote access Trojan to enable the malware to steal data from removable devices and then use these devices to spread to other systems, according to new research from Kaspersky.
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.