Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
Warning to parents and guardians: Beware of collecting, storing or sharing your child's biometric information - including fingerprints and DNA - even if you're creating a so-called "Child ID Kit," because the data is a natural target for identity thieves.
In recent months, Cloud Access Security Broker solutions have emerged as a defacto, mandatory control.
Rohit Gupta founded Palerra in 2013 with a vision of enterprises embracing the cloud. And that's happened. But with cloud ubiquity has come a new reality, he says.
"Enterprises recognize that there is a...
Bangladesh Bank has opted to not extend a contract with the incident response team that it hired to investigate the theft of $81 million via fraudulent SWIFT messages. Meanwhile, similar hack attack tactics have apparently been used to steal $10 million from an unnamed bank in Ukraine.
Comodo made no new friends last week when it claimed that a nonprofit project, Let's Encrypt, stole its business model. Now, the digital certificate giant says it will not pursue applications aimed at securing trademarks using the phrase "Let's Encrypt."
In an in-depth interview, Michael Sentonas of breach response specialist CrowdStrike discusses how a focus on malware detection may still be leaving organizations exposed and describes the firm's new efforts in the Asia-Pacific region.
Let's Encrypt is crying foul over trademark applications made by Comodo that use the nonprofit project's name. Comodo is refusing to back down, which has drawn the large digital certificate vendor wide criticism.
A Senate bill proposes removing Social Security numbers of U.S. veterans from all Department of Veterans Affairs' information systems within the next five years to help reduce identity theft and fraud. How difficult would it be to make the change?
Kaspersky Lab says that its original estimate of how many remote desktop protocol server credentials were offered for sale in the now shuttered online cybercrime marketplace xDedic may have been far too low, based on new data coming to light.
With ransomware attacks surging, all organizations should ensure they have an enterprise backup and disaster recovery plan in place, and eliminate all unnecessary, outdated or disused applications and services running on endpoints and servers, says ESET's Mark James.
A short chat with the alleged seller of the LinkedIn and MySpace data begs more questions about how the services were compromised and if there are more large breaches to come.
With attackers getting more sophisticated every day, manual methods
of locating and testing web-based apps are no longer enough. The
right Web Application Scanning (WAS) solution can help you
systematically: discover web apps running in your network, determine
whether or not they are vulnerable to attack,...
Data is the currency of the digital age and
the lifeblood of organizations, so strategies to protect
corporate data are growing in importance and are now
a topic of C-suite consideration.
In a recent survey conducted
by IDG Research Services, investing in cloud services
ranks as the second priority (55%)...
As a mid-sized or smaller organization, there is a lure of feeling safety in
obscurity. "We're too small to be a target for cyber attacks" is a common refrain
used to justify a lax network security posture. Unfortunately, it's a refrain that
may come to haunt you.
The truth is your company doesn't have to be...
When web applications are breached, enormous amounts
of sensitive business data can be lost.
These types of attacks can occur at organizations
of all sizes and levels of IT sophistication, and can
affect tremendous amounts of data.
Web applications are popular targets because they are accessible to almost...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.