It's one thing to plan for a remote workforce. Quite another when you suddenly have to deploy and support it - at 100%. Martin Mazor of Entertainment Partners discusses the vital role of identity in his enterprise's unique business.
The U.S. federal government is increasingly using IoT devices across its agencies, which has raised concerns about security. NIST has published draft guidance to help federal agencies navigate safe IoT deployment and use, says Kat Megas, program manager in NIST's Cybersecurity for IoT Program.
Biometrics, device-based risk scoring solutions and geo location can be helpful tools for tackling ID fraud, says Trace Fooshee, senior analyst at Aite Group, who calls for a layered approach.
The ROI for security operations center investments has been worsening because of increasing SOC complexity and rising security engineering and management outsourcing costs, according to Chris Triolo of FireEye, who says says new SOC tools can help address these issues
To take down bigger targets more easily and quickly, ransomware gangs are increasingly tapping initial access brokers, who sell ready access to high-value networks. Economically speaking, it's a no-brainer move for cybercrime gangs.
Up to 30% of the organizations hit as part of the cyberespionage campaign waged by the hackers responsible for the SolarWinds supply chain attack did not use the company’s compromised software, says Brandon Wales, acting director of CISA. These victims were targeted in a variety of other ways, he says.
More fraudsters are using artificial intelligence to generate “Frankenstein faces” for use in synthetic identity fraud. Kathleen Peters of Experian outlines this disturbing development in fraudster behavior, as outlined in a new report.
Ransomware attacks continue to pummel organizations, but fewer victims have been paying a ransom, and when they do, on average they're paying less than before, says ransomware incident response firm Coveware, which traces the decline to attackers failing to honor their data deletion promises.
Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security. Researchers had warned the malware might surface again after a coordinated takedown of the botnet's infrastructure in 2020.
The number of data breaches being reported in the U.S. and elsewhere each year continues to decline. But security experts say this unfortunately can be explained by criminals increasingly focusing on lucrative ransomware and business email compromise scams, which require scant data to be successful.
Microsoft researchers say that a North Korean hacking group that the company calls "Zinc" - which is better known as the Lazarus Group or Hidden Cobra - likely was responsible for targeting vulnerability researchers in an attempt to steal information via a backdoor.
The law enforcement agencies behind this week's disruption - dubbed “Operation Ladybird” - of Emotet are helping victims by pushing out an update via the botnet’s infrastructure that will disconnect their devices from the malicious network.
Some people run from change. Arun DeSouza of Nexteer Automotive runs toward it. "Now is my time," says the veteran chief information security and privacy officer, who shares his leadership and technology insights in this exclusive interview.
Researchers at the security firm RiskIQ have discovered a phishing kit they call "LogoKit" that fraudsters can use to easily change lures, logos and text in real time to help trick victims into opening up messages and clicking on malicious links.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.