A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
Few internet-connected devices are built to be secure by default, and the problem is getting worse because many devices are connecting to poorly secured cloud services, says Ken Munro of Pen Test Partners.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
To help ensure that their sensitive data cannot be exfiltrated, some organizations have adopted data diodes, which are hardware devices designed to provide a one-way link to stop exfiltration or block remote attackers, says Mike Timan of Owl Cyber Defense.
Container adoption is skyrocketing, and so are concerns around securing container-based applications. While the market is still in its early phase of embracing this technology, lessons learned from securing Fortune 500 enterprise deployments against simple and sophisticated attacks alike are showing the path...
Organizations face a variety of security challenges as they attempt to secure their environments from the ever-changing threat landscape. As organizations look to gain more insight from their security devices, while gaining improved speed to detect and respond, Managed Detection and Response (MDR) continues to evolve...
At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
Windows, MacOS and Linux operating systems don't sufficiently protect memory, making it possible for a fake network card to sniff banking credentials, encryption keys and private files, according to new research. Fixes are in the pipeline, but caution should be used before connecting to peripherals in public areas.