Simulated attacks by an information security testing firm have found that fresh WannaCry, NotPetya and EternalRocks would still rip through many an enterprise network. Here's how organizations must respond.
So, what can we expect next year? Privacy expert Rebecca Herold offers her predictions for the 11 most significant healthcare information security and privacy events that will occur throughout 2018.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Artificial intelligence can help improve network health by building a "pattern of life" for every device, user and network, says Justin Fier of Darktrace, who explains how to improve network visibility.
Healthcare technology has made leaps and bounds in terms of its ability to improve patient outcomes, and yet many technologies are being deployed before security concerns can catch up.
Improving network security requires understanding your environment and controlling it before implementing network segmentation, says Nathaniel Gleicher of Illumio, who explains lessons that can be learned from the Secret Service's approach.
U.S. prosecutors have unsealed an indictment against an Iranian man charged with trying to extort entertainment company HBO for $6 million in bitcoins. The case marks a rare public naming of someone accused of cyber extortion, which poses an increasing risk for all organizations.
Much of the world's critical infrastructure gets controlled by ICS or SCADA systems. But passive network traffic analysis by industrial control system security firm CyberX found vulnerable protocols, widespread Windows XP use and other concerns.
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
A hacker exploited an unpatched, 12-month-old flaw in a small Australian defense contractor's IT help desk and stole data for the country's F-35 Joint Strike Fighter program, among other secrets, the Australian government has warned.
Researchers in Australia says they've conquered a thorny problem: how to view information stored on multiple air-gapped networks at the same time without security or usability concerns. They've created a device, called the Cross Domain Desktop Compositor, that's been tested by the Australian Department of Defense.
Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
The 30-year-old protocol used by motor vehicle sensors to communicate may have to be rewritten following a proof-of-concept "error flooding" attack that can disable airbags, parking sensors and safety systems.
FireEye says Russia's Fancy Bear hackers are targeting hotel guests with a sneaky attack that leaves no traces and steals network credentials. It involves no malware and is virtually impossible to stop.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.