The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails."
CISOs are playing an even more critical role as a result of the proliferation of supply chain attacks, a surge in the use of insecure IoT devices and other emerging risks, says Lt. Gen (retired) Rajesh Pant, national cybersecurity coordinator at the Prime Minister's Office for the Government of India.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data. The Conti ransomware-as-a-service operation has claimed credit for the attack and begun to leak the stolen data.
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.
The new year has kicked off with a flurry of data security company acquisition activity; five deals have already been announced. Companies making acquisitions are striving to improve their secure access service edge - or SASE - posture, enter new markets or bolster their technology portfolios.
In the new EMA research report, Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation, the analyst Shamus McGillicuddy explores how network-based technology is the foundation of Zero Trust.
Shamus highlights that the Zero Trust model is a continuous cycle of establishing a...
You can’t secure what you can’t see. In fact, gaining visibility and control over all your devices is one of the most important, yet challenging tasks for IT and security teams. The number of connected devices has exploded. At the same time, there are more diverse devices – IoT, IoMT and OT—that are sometimes...
Learn how Ordr SCE provides visibility and security of all connected devices to maximize uptime for the Manufacturing Industry.
Ordr provides:
Continuous and real-time visibility and classification of all connected devices from traditional servers, workstations and PCs to unmanaged IoT, IIoT and OT devices
The...
After the occupation of the U.S. Capitol by pro-Trump rioters Wednesday, an emergency response plan to ensure federal computers were locked down apparently was not activated, some experts say. As a result, federal security teams are likely scrambling to detect and repair any damage done.
The massive pro-Trump demonstrations that saw large crowds riot and then occupy the U.S. Capitol building in Washington pose a significant potential cybersecurity threat as protesters appear to have gained access to at least one lawmaker's office, along with computer systems and other devices, some experts say.
Because many attacks against enterprises' cloud implementations are automated, a good defense involves using predictive technology that can analyze behaviors, says Brandon Tan of Forcepoint.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
The FBI is warning of a rise in "swatting attacks," which see hackers use compromised email accounts to access poorly-secured home smart devices that are equipped with cameras and voice capabilities to make hoax calls to emergency services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
