The genie is out of the bottle - and working remotely. Global enterprises have fundamentally and permanently changed the way they work. What does this mean as we plan for 2021, and how can organizations automate many of their remaining manual processes? Kelsey Nelson of Okta shares insights.
A P2P botnet dubbed "FritzFrog" has breached about 500 SSH servers, infecting universities in the U.S. and Europe and a railway company in an effort to plant cryptomining malware, Guardicore Labs reports. The botnet has also tried to infect banks, medical centers, governmental offices and others.
Marriott faces another lawsuit, filed in Britain, over the breach of its Starwood guest reservation system. The breach ran from 2014 to 2018 - Marriott acquired Starwood in 2016 - and exposed personal information for an estimated 7 million customers in the U.K.
Twitter's communication with the public in the wake of a recent hacking incident provides lessons to others on the value of an incident response plan, says attorney Sadia Mirza.
Implementing an adaptive, risk-based authentication process for remote system access is proving effective as more staff members work from home during the COVID-19 pandemic, says Ant Allan, a vice president and analyst at Gartner.
The growing use of biometric technology is raising concerns about privacy as well as identity theft and fraud, says attorney Paul Hales, who reviews recent legal and legislative developments.
The Senate Intelligence Committee Tuesday released its fifth and final report on Russia's attempts to influence the 2016 election, providing more details on how Russian hackers resided on Democratic National Commitee servers for months and citing shortcomings in the FBI's investigation.
Two recent ransomware incidents that targeted companies serving healthcare organizations highlight an emerging vendor risk management challenge in the sector.
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Copycats using well-known threat actor names, such as Fancy Bear and Armada Collective, are launching extortion campaigns tied to distributed denial-of-service attacks against financial institutions, according to Akamai's Security Intelligence Research Team.
It's a myth that organizations with legacy systems cannot implement DevSecOps, says Md.Mahbubul Alam Rafel, head of information security at Prime Bank in Bangladesh.
Ransomware gangs continue to see bigger payoffs from their ransom-paying victims, driven by "big-game hunting," data exfiltration and smaller players seeking larger returns, according to ransomware incident response firm Coveware.
An expired digital certificate for Quest Diagnostics, a major test provider, and several technology woes temporarily prevented the state of California from receiving timely COVID-19 lab test data, resulting in an inaccurate tally of cases.
The Canadian government is investigating two credential-stuffing incidents that affected some of the country's most essential services, including taxation, healthcare, welfare benefits and immigration.
Organizations in all sectors need to take a more deliberate approach to incident response, says Kelvin Coleman, executive director of the National Cyber Security Alliance, who offers guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.