A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Too many basic cyber threats are successful too often. And Korn Ferry CISO Michael Miora says it's because enterprises do too little to understand, record and respond to the most common forms of intrusion.
Late in 2018, Broadcom completed its acquisition of CA Technologies. What is the vision of this new cybersecurity products and services enterprise? Clayton Donley, general manager of security at Broadcom, shares insights.
CrowdStrike is out with its 2019 Global Threat Report, which includes a ranking of the most dangerous nation-state adversaries. The company's CTO, Dmitri Alperovitch, discusses the report's key findings about threats and threat actors.
Many large organizations are app developers, and individuals are increasingly using apps to access computing resources. But the age-old problem of code not being reviewed for flaws at every stage of testing and production continues, warns Joseph Feiman of WhiteHat Security.
As enterprises embrace strategies built around digital risk management, it isn't that technology becomes a less important conversation. Instead, it's more strategic. Zulfikar Ramzan, CTO of RSA, outline's technology's role in the business path forward.
Call to action: Information security teams should "include mental health topics in their team meetings, their management reports and metrics, as well as face to face meetings," says to Thom Langford, head of security consultancy (TL)2, speaking from experience.
AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and how it will impact delivery of threat intelligence.
Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
Cybersecurity leaders hear a lot about speaking to the board. But increasingly, these leaders are also tapped to serve on boards of directors. What business skills are most needed and often lacking? Executive recruiter Joyce Brocaglia of Alta Associates and the Executive Women's Forum explains.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.