A security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.
Security experts are urging organizations to patch a newly revealed serious flaw in Microsoft SharePoint as quickly as possible because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Center warns that hackers frequently target fresh SharePoint flaws.
Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.
To mitigate the risks posed by ransomware attacks, enterprises need to move from file-based security to a behavior-based approach, says Jennifer Ayers, vice president of the OverWatch division of Crowdstrike.
Although most companies in the ASEAN (Association of Southeast Asian Nations) region don't have a defined Zero Trust strategy, the vast majority are already implementing solutions aligned to a Zero Trust posture.
By taking full advantage of the tools available, ASEAN security executives can seize the opportunity to...
Britain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation. The company will pay a $26 million fine instead of $238 million in a case tied to a 2018 breach.
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
The distributed workforce, combined with the need to modernize and improve operational efficiency, has reframed digital transformation priorities and introduced new areas of risk to today's enterprise. In light of ongoing macroeconomic demands, the CISO is facing increasing pressure to deliver value.
A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant.
Yes, a CISO must be technologist and a business risk leader. But more than ever, a CISO also must be a bit of a counselor, says Mark Eggleston, chief information security and privacy officer of Health Partners Plans, who puts mental health support atop his own list of key responsibilities.
As you look to securely enable a long-term remote workforce, you need a security framework that can support you both today and in the future, keeping your people, your data, and your infrastructure safe. That's where zero trust comes in.
Download this whitepaper to learn more about what zero trust adoption looks...
As organizations break away from traditional network-based security concepts, where zones are delegated "trusted" or "untrusted," to people-centric security models like Zero Trust, identity is becoming intrinsically linked to security. In fact, identity data can help security teams determine whether users or...
E-Signatures are a key component in the digitization process of financial institutions. As of July 2016, the eIDAS regulation facilitates cross-border recognition of e-signatures and e-identities.
What types of e-signatures are best to use, and which ones are legally effective and admissible?
Download this white...
An unsecured Amazon Web Services database belonging to India's Dr Lal Path Labs, which offers diagnostic testing, exposed approximately 50 GB of patient data, including notes related to the results of COVID-19 tests, according to a security researcher.