U.K. officials reportedly are considering a proposal to allow China's Huawei to play a limited role in providing certain equipment for the country's 5G rollout, which would defy calls from the U.S. for a complete ban of telecom gear from the company.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their "peacetime" mindsets and adopt a "wartime" stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge?
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
"I don't think most organizations are prepared for the personal data protection and privacy bill that has been approved by the cabinet, as most people still confuse privacy and security and think that it is just an add-on to security," says Privacy Expert, Shivangi Nadkarni, CEO, Arrka Consulting.
Future trustworthy and secure cyber systems need to be able to operate even in a degraded state. Ron Ross of NIST details the components of a new publication on cyber resiliency.
What challenges does a CISO face when dealing with issues facing several industries? Abid Adam of Axiata Group, a conglomerate based in Malaysia, describes his efforts to manage privacy and security in three diverse sectors.
Security vulnerabilities at two major private hospitals in India have led to the leaking of personal data on millions of patients, says security researcher Avinash Jain, lead infrastructure security engineer at Grofers, who's not revealing the names of the hospitals because the leaks have not yet been fixed.
A common misconception about the "zero trust" model is that once it's deployed, network security is no longer required, says Steven Hunter of Forescout.
A clear theme Wednesday throughout the first day of the Black Hat Europe conference was the importance of approaching the design and defense of networks and systems by thinking like the enemy.
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.
The National Cyber Security Center, the U.K.'s national computer emergency response team, investigated 658 serious cybersecurity incidents in a 12-month period and supported nearly 900 victim organizations - most of whom learned they had fallen victim after being alerted by the center.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
