SAP has issued a patch and remediation advice for a critical remote code execution vulnerability in its SAP Commerce product that could, if exploited, disrupt the entire system.
The ongoing lockdown may be complicating the path of Cupid's arrows. But as another Valentine's Day rolls around, authorities are warning that romance scammers - and other types of fraudsters - are alive and well and have been increasingly preying on unsuspecting victims around the world.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.
Flavio Aggio, CISO of the World Health Organization, has had a long career across many sectors. He understands supply chain risk, and he sees the SolarWinds hack as "resumption of a very old attack - in new packaging." He offers insights on mitigating this and other cybersecurity risks.
Glauco Sampaio comes from a technology background. But as CISO as well as privacy and fraud prevention officer at Cielo, a Brazilian payment card processor, he focuses on how to marry technology with business risk - and how to share his vision with business executives.
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
Did Russia pass a tough new cryptocurrency law to help authorities recruit or compel criminal hackers to assist the government? That's the thesis of a new report, which notes that the new regulation includes a host of provisions designed to unmask cryptocurrency users' transactions - or else.
Watch this webinar to learn how to mitigate supply chain risk and allow legitimate business communication to continue, while remaining vigilant to the unwanted, unusual, or malicious.
Microsoft has finally pushed out the second half of the software patch for the "Zerologon" privilege escalation vulnerability in the Windows Netlogon Remote Protocol more than five months after the first half of the patch was issued.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
Good news in the fight to prevent COVID-19 infections: Researchers report that a digital contact-tracing app rolled out in England and Wales that's designed to keep users' data private and secure is helping to blunt the spread of the pandemic. They urge continuing global uptake of such apps.
Three CISOs offer real-world insights on addressing the challenges involved in implementing a "zero trust" framework to enhance security in an era when so many remote employees are accessing applications and data in the cloud as well as within internal networks.
In the wake of COVID-19-accelerated transformation and the SolarWinds hack, the importance of understanding your organization's digital exposure is more critical than ever. In this latest Cybersecurity Leadership panel, CEOs and CISOs discuss asset discovery and attack surface vulnerability.
Microsoft's security team says the company's Office 365 suite of products did not serve as an initial entry point for the hackers who waged the SolarWinds supply chain attack. And SolarWinds' CEO says that no Office 365 vulnerability has been identified that would have opened the door to the attack.
Darknet markets just had their best year ever, led by Hydra, which accounted for 75% of the $1.7 billion in 2020 revenue such markets generated, Chainalysis reports. One key to Hydra's success is the Russian-language marketplace's constant innovation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.