The computer systems the U.S. Department of the Treasury uses to track the nation's debt have serious security flaws that could allow unauthorized access to a wealth of federal data, according to a pair of audits released this week by the Government Accountability Office.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Identifying the data gaps in the rapidly expanding attack surface is critical to allow more sophisticated preventive and response capabilities, says Kory Daniels of Trustwave.
Norsk Hydro reports that a March 18 ransomware attack has already cost the aluminum manufacturer more than $40 million, and the company continues to bring its systems back online.
Shortly after a massive data breach affected up to 50 million accounts last September, Facebook didn't believe the incident needed to be reported under Australia's mandatory breach notification law. While Facebook voluntarily notified all users, emails show the company initially underestimated the breach.
It's been decades now since Steve Katz became the business world's first CISO. Today he is still active in the cybersecurity community and offers his unique perspective on security threats, solutions and the next generation of leaders.
In just five years' time, the public cloud security conversation has changed dramatically, says Matt Chiodi of Palo Alto Networks. But security leaders still struggle with visibility and compliance.
Business perimeters are becoming far more difficult to secure in the age of multicloud. Laurence Pitt of Juniper Networks discusses security strategies for the new era.
New studies debut every day in the cybersecurity field. But how does one separate true research from marketing hype? Researchers Wade Baker and Jared Ettinger discuss the distinguishing qualities of credible studies.
As fraud has shifted over the past decade from basic account takeover to synthetic identities and new account fraud, so has the field of identity protection evolved. Tom Thimot and George Tubin of Socure say they are here to disrupt the industry.
Beazley Breach Response Services, a unit of global insurance company Beazley, reports that nearly half of the more than 3,300 breaches it investigated last year traced to a hack attack or malware infection. And half of those hacking/malware attacks were tied to business email compromise schemes.
A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.