Researchers are alarmed about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet. How can banking institutions defend their accounts?
As CEO of ForeScout Technologies, which focuses on continuous monitoring of networks, T. Kent Elliott says he has to anticipate the next generation of vulnerabilities. So what's the most significant emerging risk? The Internet of Things.
New NIST guidance is designed to help organizations assess proper security controls, especially those tied to the continuous monitoring of IT systems for vulnerabilities.
Users' fear of data loss on personal devices must be balanced with an organization's need to protect sensitive information, says ZixCorp's Nigel Johnson. He explains the evolution of mobile device management.
Gary Steele has seen attack methods rapidly evolve over the last five years. But what the CEO of Proofpoint hasn't seen is a comparable evolution in how the security industry responds to attacks.
A report claiming that Las Vegas Sands Corp. was hit with a "wiper" malware attack back in February, similar to one that recently affected Sony Pictures Entertainment, illustrates why more organizations need to mitigate the risks of such an attack.
Financial transactions on smart phones require layered security that helps outsmart cyberthieves, says Alan Dabbiere, chairman of AirWatch, who describes today's mobile challenges.
Security experts see the FIDO Alliance's release of two universal authentication specifications as a positive move in the effort to eliminate passwords. But the standards' impact will be minimal unless they're widely adopted.
A recent blog post by Managing Editor Mathew J. Schwartz, "Why Are We So Stupid About Passwords?" raised a number of issues about the ongoing risks involved in using passwords for authentication. Read the strong reaction to the commentary and join the conversation.
A new version of the Destover malware includes a legitimate certificate from Sony. But a researcher claims it's a hoax. Meanwhile, new evidence emerges that the hackers who attacked Sony Pictures Entertainment had criminal - not nation-state - intentions.
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
The "wiper" malware attack against Sony Pictures Entertainment has numerous commonalities with previous wiper attacks in Saudi Arabia and South Korea. This infographic summarizes the attacks and highlights their similarities.
Like the Target breach a year ago, the Sony Pictures Entertainment hack that's grabbed recent headlines will prove to be a catalyst for change, grabbing the attention of CEOs and board members and spurring them to beef up information security.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Technology will always play a critical role in security. Yet, companies cannot rely exclusively on the tools. People present a number of security-related problems that companies must address with education.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.