The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China.
In what's likely the first of many investigations, the New York attorney general's office announced late Tuesday that it's launching a Capital One probe following the disclosure that over 100 million U.S. residents had their personal data exposed in a breach. Meanwhile, class action lawsuits are looming.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how Okta identity and access management brings security stability and supports a zero trust framework.
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
Data breach costs continue well after the initial year, according to the latest IBM/Ponemon Institute,"Cost of a Data Breach" report. Limor Kessem of IBM Security shares details of the study.
Marcus Hutchins, who rose to fame by helping to stop the WannaCry ransomware attacks, was spared jail time on Friday after pleading guilty earlier this year to creating the Kronos banking malware.
A massive botnet attack earlier this year utilized more than 400,000 connected devices over the course of 13 days, according to researchers at the security firm Imperva.
Many organizations use Active Directory as their domain network management tool of choice. But security experts warn that without locking down and regularly auditing AD, the ease of use that it provides to network administrators can also be tapped by hackers. Start here for essential defenses.
City Power, the local electrical utility that powers Johannesburg in South Africa, is recovering Friday after an unknown ransomware variant that locked-up the company's applications, network and databases for most of the day on Thursday. The attack knocked out power and services for some residents for most of the day,...
Louisiana's governor issued an emergency declaration on Wednesday in response to a rash of malware infections, hitting some of the state's public schools. The move will allow the state to marshal more resources to deal with the incidents.
Taking a zero-trust approach can help organizations unshackle themselves from the password and drastically reduce the attack surface, says Akamai's Fernando Serto.
Facebook's $5 billion privacy settlement with the FTC this week did little to satisfy critics who argue that the social media giant still holds too much sway over its users' personal data.
Warning: Attackers are abusing poorly secured and managed implementations of Microsoft Windows Active Directory to hack organizations and distribute ransomware. Fewer old operating systems and greater Active Directory security knowledge are helping mitigate the threat. But experts say more must be done.
FIN8, a hacker group that targeted POS devices in the hospitality and retail sectors, is back on the scene with new malware, including the Badhatch backdoor that's designed to steal payment card data, according to researchers with Gigamon's threat detection unit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
