Managing the key management lifecycle for multiple encryption capabilities across platforms and infrastructures is emerging as a challenge for enterprises, says Peter Galvin of Thales eSecurity.
Rather than focusing solely on preventing breaches, organizations must also embrace detection and response, says Tim Roddy of Fidelis Cybersecurity, who offers strategic insights.
Are you a fraudster craving an easy way to generate Microsoft Office documents with embedded malicious macros designed to serve as droppers that install banking Trojans onto a victim's PC? Say hello to a toolkit that debuted in February called Rubella Macro Builder.
Yahoo, now known as Altaba, has agreed to a $35 million civil fine with the U.S. Securities and Exchange Commission to settle accusations that the search giant failed to promptly notify investors about a December 2014 data breach.
Visibility in the cloud includes understanding all aspects of critical applications and comparing this data in real time with historical data, says Sharon Besser of GuardiCore. This enables implementation of an effective and efficient security policy, he says.
Large healthcare companies in the U.S., Europe and Asia are getting hit with a backdoor that comes from a long-observed group, which Symantec calls Orangeworm. The backdoor has been found on X-ray machines and MRIs.
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
One measure of why it's so difficult for organizations to keep their software patched and better secured: Of the nearly 20,000 unique vulnerabilities in 2,000 products cataloged last year, only half involved Microsoft, Adobe, Java, Chrome or Firefox software, says Flexera's Alejandro Lavie.
Attackers rarely bother with technical sophistication when easy social engineering schemes, such as "hacking" a victim's social network and using it against them, can give them what they want, says Markus Jakobsson, chief scientist at the cybersecurity firm Agari.
Increasingly, SonicWall is focused on the midmarket, and CEO Bill Conner wants to help ensure that smaller and midsized enterprises have appropriate visibility into the threat landscape - the threat actors, as well as whom they are targeting.
Corporate espionage appears to be the motive behind cyberattacks targeting a variety of medical-related equipment and systems, researcher Jon DiMaggio of Symantec says in an in-depth interview about the activities of a hacker group the company has dubbed "Orangeworm."
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
The endpoint remains the favored attack surface for criminals, yet most cybersecurity solutions rely on detection rather than prevention, says Gregory Webb, CEO of Bromium.
Identity is changing with the fusion of public and private trust models. Entrust Datacard's Ray Wizbowski discusses the shifting landscape and how best to secure it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.