The DHS says the defacement of a U.S. government website over the weekend is not linked to Iranian state-sponsored actors. Attackers posted a pro-Iran message with a photo of President Donald Trump being punched in the face. The website, belonging to the Federal Depository Library Program, is now offline.
A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street Journal investigation on Monday has revealed new companies affected by Cloud Hopper attacks.
"Zero Trust" security is rapidly transitioning from a marketing buzzword to a practical methodology for protecting today's global networks. Stan Lowe, global CISO of Zscaler, shares his 2020 vision for zero trust.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.
Warning: Attackers wielding LockerGoga and MegaCortex ransomware have been hitting large corporate networks, sometimes first lingering for months. That's according to a new FBI flash alert, as reported by Bleeping Computer, which essentially tells would-be victims: Please, get your defenses in order now.
Researchers at Positive Technologies say they discovered a vulnerability in enterprise software offerings from Citrix that potentially could put 80,000 companies in 158 countries at risk of a cyberattack.
It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.
Because vendors were implicated in many of the largest health data breaches in 2019, it's more critical than ever for healthcare organizations to manage the security risks posed by their suppliers, says Erik Decker, CISO and chief privacy officer at the University of Chicago Medicine.
As France broadens its experimentation with facial recognition it must make sure it takes users' consent as well as implement the technology only when necessary, says Felicien Vallet, privacy technologist at CNIL.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
What are the key experiences, capacities and skills needed by the next generation of cybersecurity leaders, as they prepare to address enterprise business risk in the next decade? Ex-CISO and current advisor Christopher Hetner shares his vision of the future of cyber leadership.