A cyberattack targeting one of the largest banks in the U.S. that stops the processing of payments likely would have a major ripple effect throughout the financial system, according to a new report from the Federal Reserve Bank of New York.
The FBI has created a new policy to give "timely" breach notifications to state and local officials concerning election hacking and foreign interference. The updated guidelines look to correct some of the mistakes in the run-up to the 2016 presidential election.
The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
Increased compute power, artificial intelligence, and tools on the Dark Web are equipping cyberattackers with the resources to launch more sophisticated and destructive attacks. Reactive defenses are no longer enough to stop attackers from infiltrating even the best security architectures. Environmental dynamics are...
As cyberattacks increase in sophistication and penetrate networks with higher frequency and effectiveness, security professionals are expressing growing concerns about being able to quickly detect and stop in-network threats from both internal and external threat actors.
The growing number of these cyberattacks have...
By design, Active Directory (AD) will readily exchange information with any member system
it manages. Attackers can also leverage this access to extract information on the entire domain quickly. Security teams may not realize that attacks on AD are occurring because the activities will appear as if AD is providing...
Insider threats are one of the most difficult challenges an organization can face. Where a range of conventional defenses exist to thwart exterior threats, malicious actors within an organization are much more difficult to identify and contain. This paper will delve into the challenges presented by insider threats and...
Whether security testing is driven by compliance or as part of standard security resiliency testing, it is a vital component of an organization's defenses, especially in today's era of high-profile breaches.
Download this whitepaper to learn more about:
The role of deception in security testing
Examples of Red Team...
Malware continues to increase in sophistication and
routinely evades organizations' cyber defenses. It lurks
inside networks, often for months, executing or waiting
to execute attacks that can cause significant damage.
Even though the industry has developed various
technologies to bolster detection and response,...
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
The use of deception technology to combat cyber attackers has steadily gained ground over
the last several years, especially among a subset of IT security practitioners who have grown
weary of the noise detection technologies generate. Those technologies yield an exponentially
larger number of false positives than...
Hackers have been increasingly probing the North American power grid for weaknesses, but the industry - driven in part by regulators - is increasingly able to identify and repel attackers, industrial cybersecurity experts say.
Is it possible that a nation-state actor such as Iran could create a cybersecurity incident that compromises the U.S. power grid? Bernie Cowens, most recently CISO at the nation's largest electric utility, says that's unlikely because the power grid is more cybersecure than you might think.