A coding error by Cloudflare exposed data relating to more than 2,500 Singapore websites owned by various organizations in private and public sectors. SingCERT has issued a related security advisory with mitigation steps, but do such alerts prompt action?
Yahoo CEO Marissa Mayer will lose her cash bonus after an independent investigation into security breaches at the search giant found that the company's senior executives and legal team failed to properly comprehend or investigate the severity of the attacks.
The Reserve Bank of India has mandated that all banks must report all unusual cyber incidents within two to six hours to enable issuing suitable cautionary advisories to other banks. Experts discuss the challenges financial institutions will face in complying with the new requirement.
Organizations can no longer afford to remain in denial that they are under siege from cyberattacks. Legacy security thinking focusing on blanket protection of all assets has failed as a doctrine, and organizations find themselves helpless to mitigate the sophisticated intrusions that slip through the chinks in their...
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
The proposed creation of a CERT dedicated to serving India's financial sector is good news. But working out a realistic framework for its activities and defining its role in ensuring stronger security for the sector will prove challenging.
CERT leaders in the U.S. and India have signed a memorandum of understanding promoting a threat information exchange program in accordance with relevant laws and regulations. But will the collaborative effort yield tangible results for India?
Companies involved in mergers and acquisitions are increasingly targeted with cyberattacks that could potentially derail the deals, says Bryce Boland of FireEye, who outlines the risks and offers tips for mitigating them.
The website of Hindustan Petroleum Corp. Ltd. has been hijacked by hackers, according to Arctos Threat Research Co. Arctos claims it discovered that HPCL's website was infected with Cerber ransomware. But HPCL is awaiting the results of CERT-In's investigation into whether the website, indeed, is infected.
This monthly Security Agenda will highlight some of the most recent additions to our course library. January's edition features former RSA chair Art Coviello discussing "Tactical and Investment Advice for Responding to Attackers." Other industry influencers like internet pioneer Vent Cerf, John Buzzard, Fraud Expert...
In an unclassified version of a top-secret report, the U.S. intelligence community says that Russian President Vladimir Putin ordered an influence campaign aimed at undermining public faith in America's democratic process and preventing Hillary Clinton from being elected president.
The KillDisk disk-wiping malware, previously tied to espionage operations, has been updated with crypto-locking capabilities and now targets Linux as well as Windows systems. But security experts warn that attackers using the Linux variant have no way to furnish a decryption key.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.
The threat landscape certainly has changed in recent years. But can you say the same about the traditional intrusion prevention system."The biggest problem with IPSs today is that organizations are trying to fight today's threats with yesterday's solutions," says Bertone, who serves as CTO of Fidelis Cybersecurity....