The latest edition of the ISMG Security Report features an analysis on why criminals continue to use darknet markets, despite the risks. Also featured: Hackers target Virgin Mobile KSA; coping with COVID-19 stress.
The U.S. National Institute of Standards and Technology this week released a long-awaited guidance update, Special Publication 800-53 Revision 5, describing "next-generation security and privacy controls" and how to use them.
Shopify's announcement this week that two employees inappropriately accessed transactional data from 200 of the merchants that use its e-commerce platform demonstrates the importance of taking a "zero trust" approach to security and improving identity and access management capabilities, security experts say.
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
The U.S. Cybersecurity and Infrastructure Security Agency is warning of an uptick in attacks using LokiBot, an information stealer capable of sweeping up credentials. Fraudsters are using new methods to spread the malware.
Reviewing online attack trends for the first half of the year, numerous cybersecurity firms agree: COVID-19 was king. As the pandemic has reshaped how many live and work, so too has it driven attackers to attempt to exploit work-at-home challenges and virus fears.
U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
While SD-WAN currently enables the corporate network to handle traffic efficiently and move workloads to the cloud, this network model must continue to iterate. The Internet is the corporate WAN of the near future.
Using SD-WAN, combined with the appropriate Zero Trust-compliant security and access services, is...
Users, devices, applications, and data are now located outside of the enterprise. According to Gartner's The Future of Network Security Is in the Cloud, "Security and risk management leaders need a converged cloud-delivered secure access service edge (SASE) to address this shift."
Meet the network security needs of...
A Zero Trust model ensures that security and access decisions are dynamically enforced based on identity, device, and user context. This security framework dictates that only authenticated and authorized users and devices can access applications and data, while also protecting workloads and users from advanced...
Cloud adoption continues to accelerate in the enterprise - as does the complexity of cloud infrastructure. For security professionals, this means even more that needs to be seen, integrated, and managed - from across your cloud environments to your SIEM, EDR, and more. In order to properly secure the cloud to enable...
TikTok and WeChat both received reprieves over the weekend that helped avert U.S. blocks of their social media apps. President Donald Trump says he has given his "blessing" to a deal that would see Oracle and Walmart take a stake in TikTok's U.S. operations. Separately, a federal judge suspended a WeChat ban.
Hackers compromised the network of Saudi Arabia's Virgin Mobile KSA, gained email system access and offered stolen data for sale on the dark web. According to a source with knowledge of the attack, the incident - remediated late last week - is one of a string of attacks against organizations in the Middle East.
Secure Access Service Edge (SASE) has become one of the hottest topics in the IT industry. Fueled by cloud services, the rise of BYOD and fast tracked by the new reality of remote working, direct-to-cloud platforms radically disrupt the economics of traditional IT security. By 2024, Gartner predicts that 40% of...