Not so long ago, security organizations rallied behind best of breed security solutions. But now, trying to reduce tech debt, rationalize tools and consolidate vendors, there is a push for the platform approach. Cisco's Amilcar Alfaro talks about how to tap into the platform advantage.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
Attackers have been actively exploiting vulnerabilities in the HTTP/2 protocol via so-called rapid request attacks, which Amazon Web Services, Cloudflare and Google report have led to record-breaking distributed-denial-of-service attacks. Experts recommend immediate patching or mitigation.
Securing digital transformation across environments takes VM-Series virtual firewall efficiency and cost-effectiveness. In-depth and extensive Forrester Consulting research commissioned by Palo Alto Networks has discovered an significant 115% ROI over three years with a six-month payback period for these virtualized...
Microsoft fixed three zero-days under actively exploitation in its patch dump for the month of October: A disclosure flaw in WordPad that can be exploited to obtain hashed passwords, a bug in Skype for Business and a patch to fix exposure to the Rapid Reset exploit.
End-to-end encryption is critical for protecting sensitive data, such as passwords, documents, and payment information. If your data isn't being stored securely at all points, you're at risk. End-to-end encryption creates an improved security environment by providing greater visibility into potential breaches and...
The best way to level-up your existing IAM infrastructure is to add a single sign-on (SSO) to protect logins for approved apps. This guide will show you the benefits of a combined approach, in which company-approved and non-approved logins are attached to a single, strongly vetted identity to simplify administration,...
Cloud compromises and supply chain attacks are overshadowing ransomware as the top cyberthreats worrying healthcare sector organizations - but all such incidents are still viewed as significant risks to patient outcomes and safety, said Ryan Witt of Proofpoint, citing new research findings.
Protecting your data from breaches is only one aspect of enterprise security, but it's important to go further to ensure that your secrets will remain safe – even in the unlikely event of a breach. Your information shouldn't just be protected by an account password, but also by a unique Secret Key: a 128-bit,...
Year after year, the rise in large-scale data breaches is faster and steeper. Not only is your business at risk, but so are your customers – as we keep learning, the hard way.
As we adjusted to the pandemic, cybersecurity trended – quite unfortunately – in the wrong direction. While our work lives merged with...
Download this must-read e-book book to understand why software firewalls are critical for today’s competitive enterprises. Five short chapters cover the foundational points of software firewalls and will help you understand how they can help your organization secure investments in public clouds, private clouds,...
Password security is a critical start for protecting devices and networks from malicious threats. However, implementing successful password security can be easier said than done. Do you have employees who are worried they won't remember something more complex than "password123"? Are you looking for 7 actionable steps...
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
Genetics testing firm 23andMe is investigating a data leak of ancestry DNA information for certain customers whose usernames and passwords were previously hacked on other websites. The company suspects a massive credential stuffing attack on individual accounts using recycled passwords and no MFA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.