Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
What are the key experiences, capacities and skills needed by the next generation of cybersecurity leaders, as they prepare to address enterprise business risk in the next decade? Ex-CISO and current advisor Christopher Hetner shares his vision of the future of cyber leadership.
The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using steganography to hide malicious updates, Sophos Labs reports. New research also shows attackers are exploiting the EternalBlue vulnerability in Windows.
An unsecured Elasticsearch database exposed the identities and phone numbers of over 267 million Facebook users for about two weeks, according to a new research report.
The Wawa convenience store chain is investigating why malware planted on point-of-sale devices at nearly all of its over 850 locations throughout the East Coast went undetected for nearly eight months.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
Facebook's sharing of data of European users with the U.S. is legal and provides enough protections, the legal adviser to the EU's top court said on Thursday.
Emerging 5G telecommunications networks present significant opportunities and threats, says Chris Cummiskey of Cummiskey Strategic Solutions, a former Department of Homeland Security official.
Malicious bots are becoming so sophisticated that they're almost indistinguishable from human actors, says Eric Bucher of Cequence Security, who discusses how to counter the threat.
The user-friendly aspects of apps can enable malicious bots to infiltrate, says Eddie Doyle of Check Point Research, who offers insights on addressing the issue.
New Orleans is setting an aggressive pace to restore services after a ransomware attack crippled the city's IT systems: fixing more than 450 servers and 3,500 endpoints in just 48 hours. It's work that would normally take weeks to months, but the city plans to do it must faster.
A federal judge ruled this week that the U.S. government is entitled to proceeds from Edward Snowden's memoir and his paid speeches because the former NSA contractor did not submit his materials to his former federal employers for review before publishing.
An alleged member of The Dark Overlord hacking group who apparently made dumbfounding operational security mistakes while trying to extort U.S. companies has pleaded not guilty. Nathan Wyatt is perhaps the only person associated with the notorious hacking group who left a clear digital trail.
In 2017, the U.S. Army ordered that the use of drones made by Chinese manufacturer DJI be discontinued, citing security concerns. Now, a second classified memo used to support that decision has been released, revealing serious concerns about how cyberspies could intercept video and other encrypted data.
"Zero trust" is arguably the cybersecurity buzzword of 2019, but what exactly is it? Is it a tool? Is it a capability? Is it a philosophical journey with no endpoint? Or is it all of the above? Jack Koons of Unisys explains why "zero trust' is a highly subjective term based on corporate risk appetite.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.