In May 2017, the Singapore Government cut direct access to the Internet from its internal systems. This is a policy that is already adopted by Korean banks, many U.S. and U.K. military establishments, as well as the Japanese government. This is to protect government-owned computer systems from potential cyber threats...
Cyber threats have become part of the new reality across industries and governments, and some organizations are responding to this growing threat by mandating internet separation - restricting internet access from corporate or government computers to protect against cyber threats. Fears around data loss compounded...
In a world where cyber threats have become the norm, organizations must equip themselves with solutions that prevent and isolate attacks. Today, many organizations are mandating Internet separation as a means of controlling these threats. While physical Internet separation or air gap networks is one possible approach,...
Much of the world's critical infrastructure gets controlled by ICS or SCADA systems. But passive network traffic analysis by industrial control system security firm CyberX found vulnerable protocols, widespread Windows XP use and other concerns.
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
A hacker exploited an unpatched, 12-month-old flaw in a small Australian defense contractor's IT help desk and stole data for the country's F-35 Joint Strike Fighter program, among other secrets, the Australian government has warned.
Researchers in Australia says they've conquered a thorny problem: how to view information stored on multiple air-gapped networks at the same time without security or usability concerns. They've created a device, called the Cross Domain Desktop Compositor, that's been tested by the Australian Department of Defense.
In the wake of increasing cybersecurity concerns, the government of India wants to leverage indigenously developed security solutions to protect telecom networks. But some security experts say that could prove difficult.
The 30-year-old protocol used by motor vehicle sensors to communicate may have to be rewritten following a proof-of-concept "error flooding" attack that can disable airbags, parking sensors and safety systems.
Traditional perimeter-centric data center security strategies are no longer effective against today's malicious and highly sophisticated attacks. While tremendous effort, resources, and technology are applied to securing the perimeter of the data center, until recently, nothing resembling that same level of thought...
FireEye says Russia's Fancy Bear hackers are targeting hotel guests with a sneaky attack that leaves no traces and steals network credentials. It involves no malware and is virtually impossible to stop.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
Not so long ago, the information network was a tangible entity to manage and secure. Today, in the age of the cloud and connected devices, network security is a whole new creature. Michael DeCesare, CEO of Forescout, discusses how to respond to this evolution.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.
A former Qualys customer for more than a decade, Mark Butler is now the company's CISO. And one of his jobs is to help spread the word to other security leaders about the vendor's vulnerability management solutions.