The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.
OT, IoT, IIoT - each has critical distinctions, and each is increasingly vital to protecting the world's critical infrastructure from crippling cyberattacks. In a panel discussion, cybersecurity leaders discuss what it takes to get the C-suite's attention to prioritize this new generation of risk.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
Apple on Thursday unveiled a new system for detecting child sexual abuse photos on its devices. But computer security experts fear the system may morph into a broader privacy-busting tool.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
The U.S. needs to devise ways to counter Chinese cyber activity - including the theft of intellectual property and cyberattacks on government networks and critical infrastructure - that poses a direct threat to national security, according to those who testified at a Senate hearing this week.
Cybersecurity acquisitions continue at an intense pace, with Ivanti, Sophos, Deloitte Risk & Financial Advisory, Cerberus Sentinel and Feedzai all making moves to bolster their security portfolios.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
The Biden administration is attempting to build an international consensus on how to react to China's aggressive cyber actions, which is one reason why it held off sanctioning the country over attacks on vulnerable Microsoft Exchange servers, says Anne Neuberger, deputy national security adviser for cyber.
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
Infection numbers are surging in the southern U.S., states and cities are enacting new mask mandates and the fall flu season looms as the great unknown. Sound familiar? COVID-19 is back with the highly contagious Delta variant. Pandemic expert Regina Phelps discusses what that means for business recovery.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.