As global enterprises get their arms around supporting and securing a near-total remote workforce, their digital adversaries are adapting - and so is the role of deception technology. Carolyn Crandall of Attivo Networks discusses how deception can help mitigate new risks.
With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice.
A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot. FortiGuard Labs researchers find that cybercriminals are once again using World Health Organization images as a lure.
As April begins, enterprises are starting to re-evaluate their COVID-19 response plans, says crisis management expert Regina Phelps. What are the other pandemic response planning phases we can expect to see as infections spread and quarantines continue?
A Magecart group has been using a new skimmer technique to target the online checkout sites of smaller businesses in order to steal credit card data, according to RiskIQ researchers, who have spotted 19 of these malicious JavaScript attacks so far.
Researchers at security firm Guardicore Labs are tracking a botnet they call Vollgar that's targeting devices running vulnerable Microsoft SQL Server databases with brute-force attacks and planting cryptominers in the infected databases.
Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.
The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.
As companies deal with a remote workforce as a result of the COVID-19 crisis, they face serious business continuity issues, regardless of whether their applications operate in the cloud or on the company's own servers, says Anish Ravindranathan, security and cloud architect at Tata Digital.
What missteps led to hackers stealing details on 145 million Americans from Equifax in 2017? The answer to that question can be found in numerous reports and a Justice Department indictment. Security researcher Adrian Sanabria says they're essential reading for anyone responsible for cybersecurity defenses.
As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."
The stuck-at-home chronicles have fast become surreal, as remote workers face down a killer virus on the one hand and the flattening of their work and personal lives on the other. To help, many have rushed to adopt Zoom. And for many use cases - hint: not national security - it is a perfectly fine option.
The day after security researcher Patrick Wardle disclosed two zero-day vulnerabilities in the macOS client version of Zoom's teleconferencing platform, the company on Thursday rushed out patches for these flaws and one other.
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.
The Global Cyber Alliance is one of 13 nonprofit organizations that have banded together to offer businesses security tips for their newly remote workforces. Andy Bates, executive director of the alliance, discusses the coalition's core guidelines for reducing cyber risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.