What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.
Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.
Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps.
The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as backdoors for facilitating state-sponsored surveillance or disrupting critical infrastructure are not limited to America.
Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.
Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime. Apple says it compensated the teenager who reported the FaceTime flaw and gave him an extra gift toward his tuition.
Many security professionals are constantly drowning in alerts across a multitude of security tools. When you can't see what is happening on your endpoints, investigating an alert can feel like you're running blindfolded. Often, these professionals don't have the visibility or data to prioritize alerts or make...
Endpoint detection and response tools and other related security technologies are critical weapons for defending against cyberattacks, says Larry Whiteside, the new CISO at Greenway Health, an electronic health records company.
Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.
Despite everything you've spent on data-centric security, there still is a security gap that is burgeoning at an alarming rate when it comes to protecting sensitive data. The growing complexity of users outside your organisation, methods of sharing information, and the number of devices data reside on are continually...
As the value of cryptocurrency has plummeted, so too have the number of cryptomining infections being seen in the wild, reports security firm Malwarebytes. Taking its place, however, are criminals wielding advanced malware such as Emotet and Trickbot.
The coming end-of-support for Windows Server 2008 leaves organizations with few viable options to receive updates beyond the cut-off date of January 14, 2020. Upgrading will be no small feat as roughly 70% of enterprise Windows applications run on Windows Server 2008 or earlier versions*.
The coming end-of-support for Windows Server 2008 leaves IT organizations with few viable options to receive security updates beyond the cut-off date of January 14, 2020. Upgrading will be no small feat as roughly 70% of enterprise Windows applications run on Windows Server 2008 or earlier versions*.
As application development teams strive to deploy features and changes into production as quickly as possible, an organization must rapidly adapt to ensure it's security posture is maintained yet doesn't slow down the build-to-deploy pipelines. The power of Kubernetes and Deep Security Smart Check together reduce the...