Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Incident response plans must be carefully designed to meet the needs of a specific organization, says attorney Ron Raether, who outlines important legal considerations.
A coherent risk analysis program tailored to the organization is a vital component of any effort to improve cybersecurity and meet regulatory requirements, says attorney Shawn Tuma.
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
The security industry is heavily reliant on old models that are breaking down, and trying to contort old tools to meet the needs of the new hybrid environment is difficult, says Leo Taddeo of Cyxtera.
Why do organizations need to take a top-down, risk-based approach to security? Sheetal Mehta of Wipro offers insights on optimizing security investments.
You're the new kid on the cybersecurity block. You believe you have a unique solution to address an unresolved challenge in the security stack, and beta customers are bullish on your company's potential. We asked: "So what?" What makes these companies different? See startups deliver their quick pitch.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
What's it like to be the CISO of a security company? Mike Convertino of F5 Networks says if a CISO uses the company's products, he or she can provide valuable feedback for product development.
Security still remains an afterthought when many organizations are adding new technologies to provide a differentiated customer experience, says Anna Convery of Radware, who recommends a change in approach.
Twitter has apologized after it discovered that it had been inadvertently storing users' passwords in plaintext in an internal log, potentially putting them at risk. Twitter has blamed a bug for the fault and recommends all users change their passwords immediately.
Ovum Research and Entrust Datacard experts discuss the transformation of identity and where it is headed.
Watch this video to learn more about:
Real-world examples of how organizations are embracing mobile and cloud platforms.
The pressure to meet compliance, and maintain and grow your customer base is intensified as the creativity of fintech offerings and customer expectations continue to rise. To effectively differentiate your offerings, your ability to deliver innovative, omni-channel services will be critical.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.