The Securities Exchange Board of India has come out with new cybersecurity guidelines for the commodities market. But the recommendations either rehash earlier guidelines or offer vague details on implementation.
As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild. Security experts are urging IT teams to quickly patch these flaws.
Email server alert: Linux and Unix administrators should immediately patch a remotely exploitable flaw in Exim, one of the world's most-used message transfer agents, security experts warn. Attackers could abuse the flaw to deliver ransomware, spy on or spoof emails and possibly also take down cloud services.
Every week seems to bring a fresh installment of "patch or perish." But security experts warn that patch management, or the larger question of vulnerability management, must be part of a much bigger-picture approach to managing risk. And the challenge continues to get more complex.
A new weaponized proof-of-concept exploit for the BlueKeep vulnerability in Windows has been released by researchers at Rapid7 and Metasploit in an effort to help create a sense of urgency to patch the flaw.
In the wake of major data breaches in Singapore, the nation's Personal Data Protection Commission has come out with stricter rules for collection and disclosure of the National Registration Identity Card, or NRIC, and other national identification numbers.
Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration. Meanwhile, officials have shared lessons learned for managed service providers and customers.
Independent security researchers have found yet another unsecured database accessible via the internet. This time, the exposed data belongs to South Korean manufacturing company DK-Lok.
A hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious flaws in Pulse Secure and Fortinet SSL VPNs for more than six weeks, security experts warn. Exploiting the flaws could enable attackers to gain full, remote access to targeted networks.
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
Modular malware is targeting India's critical infrastructure in a manner that's extremely difficult to detect, says Prayukth K.V. of Subex Ltd., a telecom solutions provider that has released a new report on the threat.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Cyber defense is no longer about staying a step ahead - it's about trying to remain no further than a step behind the adversaries, says Moshe Ishai of HolistiCyber, who shares insights on how to regain an advantage.
In the wake of the HSBC money-laundering scandal, whistleblower Everett Stern founded the intelligence firm Tactical Rabbit. He explains the firm's mission and how the HSBC experience continues to drive him forward.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.