Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
How do you proactively manage policy changes, protect devices and stop new threats? You need a radically new approach to network security that can scale faster than manual approaches.
Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
Beyond mere information sharing, collective defense is a concept that aligns public and private sectors in a unified front against cyber threats. Bill Swearingen of IronNet Cybersecurity defines the concept and how it's being employed today.
Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT.
Hackers tried two methods of exploiting a zero-day vulnerability in Sophos' XG firewall, but Sophos says it made a temporary fix that mitigated the risks. Attackers originally attempted to plant a Trojan, but then switched to ransomware.
A recently discovered cyberespionage toolkit called Ramsay is designed to infiltrate air-gapped networks to steal documents, take screenshots and compromise other devices, according to the security firm ESET.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."
CISA issued a warning to organizations running Pulse Secure VPN servers that their networks may still be vulnerable to hacking even if they applied patches for a previous flaw. Attackers are now using stolen Active Directory credentials to access networks.
Ten years since he coined the term "zero trust," John Kindervag, field CTO of Palo Alto Networks, sees CISOs increasingly being faced with the challenge of having to implement the "never trust, always verify" model across increasingly complex IT environments, including cloud and IoT.
Information Security Media Group, a premier media partner at the annual RSA Conference, will conduct over 200 video interviews at this year's event with cybersecurity thought leaders, executives, CISOs and sponsors.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.