A WannaCry outbreak has hit unpatched Windows 7 systems at Taiwan Semiconductor Manufacturing Co., crippling its factories. The world's largest chipmaker, which traced the infection to a new software tool that it failed to scan for malware before installation, says the outbreak could cost it $170 million.
The chief security officer for the U.S. Democratic Party is recommending that all party officials avoid using mobile devices made by Chinese manufacturers ZTE and Huawei. Bob Lord says that even if devices from those manufacturers are free or low cost, no one wants to be the next "patient zero."
Businesses require better protection against malware and
DNS-based exfiltration. To identify the most significant
challenges to achieving a more secure enterprise, Ponemon
Institute - a renowned research center committed to privacy, data
protection, and information security policy - surveyed 604 IT and
Many companies that have adopted a layered security strategy
still fail to protect their Domain Name System (DNS)
infrastructure, a critical Internet protocol that was never
designed with security in mind.
Read this white paper to learn why integrating a DNS-based
solution with layered enterprise...
Assuming that every user, request, and server is untrusted until
proven otherwise, a zero trust solution dynamically and
continually assesses trust every time a user or device requests
access to a resource. But zero trust offers more than a line of
The model's security benefits deliver...
Cloud-based CRM giant Salesforce.com is warning some of its Marketing Cloud users that any data they stored may have been accessed by third parties or inadvertently corrupted because of an API error that persisted for six weeks.
Reddit suffered a data breach in June after attackers managed to bypass its SMS-based two-factor authentication system. User data from 2007 and before was compromised. Security experts say the breach should serve as a reminder that using any two-factor authentication is better than none.
Facebook has suspended eight pages and 24 accounts for "coordinated inauthentic behavior" tied to apparent political influence campaigns ahead of an event in Washington. While Facebook declined to attribute the activities to specific individuals or groups, U.S. lawmakers are blaming the Kremlin.
Facebook says it has shut down 32 pages and accounts that it claims were "engaged in coordinated inauthentic behavior" apparently designed to influence U.S. politics. But the social network stopped short of attributing the "bad actors" to Russia.
Social media platforms have emerged as the world's most popular forms of communication. They also have become popular platforms for committing fraud. David Pollino of Bank of the West outlines what institutions should do to secure their social media presence.
Recognizing that social media create fertile grounds for fraud, the American Bankers Association now shares advice for how institutions can use these channels in ways that are compliant, smart and risk-savvy. The ABA's Denyette DePierro offers some tips.
Data science is playing a fundamental role in a more dynamic approach to cybersecurity, says Jim Routh, CISO of Aetna, who stresses the importance of applying machine learning to front-line data security controls. Routh will be a featured speaker at the ISMG Security Summit in New York Aug. 14-15.
Most cybersecurity tools are designed to help identify, alert on, and in some cases prevent a particular type of malicious activity. Current technologies send alerts and may even prevent specific types of attacks, but the burden remains with the organization to figure out whether that alert is meaningful in a broader...