Security teams face a dizzying array of threats, from ransomware and
cyberespionage to fileless attacks and damaging data breaches. However,
the biggest headache for many security analysts is not the endless number
of risks that dominate news headlines, but rather the repetitive tasks they
must perform every day...
Protecting your endpoints requires a much more holistic approach than simply blocking known
malware. Adversaries today create countless variants of malware and use obfuscation techniques
to evade signature detection.
They can turn your own resources against you, converting legitimate
endpoint applications into...
As we put a tumultuous year in the rear-view mirror, many companies are looking for innovative ways to boost and redesign their businesses in order to jump-start growth. According to Gartner, the majority of CEOs say recovering revenue levels by accelerating digital initiatives will be a top priority in 2021 and 2022....
To help prevent and defend against emerging cyberthreats, CISOs must develop a multi-line defense strategy and invest in threat-hunting capabilities and orchestration, a panel of cybersecurity experts advises.
“Passwordless” has become the holy grail for user authentication. But there are different interpretations of what passwordless is – and is not. Tom “TJ” Jermoluk, CEO of Beyond Identity, addresses some of the myths,the realities and how passwordless is deployed today.
A report by analyst firm Research in Action reveals the importance of adopting a continuous application performance management (CAPM) solution that continuously identifies performance and availability issues to provide proactive detection and diagnosis. The firm’s report, 2019 Vendor Selection Matrix for Continuous...
Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
Asian organizations are beginning to look at extending digital identity beyond the traditional internal enterprise IAM stack to customer identity and access management, or CIAM, says Alex Laurie, senior vice president at ForgeRock.
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.
The Good Health Pass Collaborative is developing a road map for digital health passes that international travelers could use to prove they have been tested for COVID-19. Dakota Gruener, executive director of ID2020, which launched the project, describes the effort, including privacy-protection measures.
Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
A hacker breached a Florida city's water treatment network, increasing the amount of lye that would be added to the water to a dangerous level. Officials say they caught the change immediately and reversed it. Reuters reports that the system was accessed via the city's TeamViewer remote access software.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.