Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.
Disruption, distortion and deterioration - these cybersecurity threats are amplified by the ongoing pandemic. Which poses the greatest threat and why? We asked this exclusive panel of CEOs and CISOs, and their responses might surprise you.
The security firm Positive Technologies discovered six vulnerabilities in Palo Alto Networks' PAN-OS, the software that runs the company's next-generation firewalls. The firewall developer has issued patches.
When startups succeed, they typically hire more employees to handle increasingly specialized tasks. The same goes for ransomware gangs, which, as they grow, have been hiring experts with advanced hacking, encryption, negotiation and other skills to help take down larger targets, says Coveware's Bill Siegel.
The start of classroom and online instruction at Hartford Public Schools in Connecticut was canceled Tuesday as a result of a ransomware attack - the latest in a series of online attacks, including distributed denial-of-service disruptions, that have interrupted some schools' return to teaching this fall.
A federal judge has dismissed a lawsuit filed last year against Google and the University of Chicago Medicine involving complex privacy and other issues related to the use of patients' de-identified electronic health record data. But the court left the door open to filing an amended complaint.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
The secure access service edge model, or SASE, treats identity as the new perimeter, says Lee Dolsen Singapore-based chief architect for Zscaler in the Asia Pacific region, who offers implementation insights.
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
The average amount stolen in a business email compromise scam increased 48% during the second quarter of 2020, but the number of attacks decreased during that period, the Anti-Phishing Working Group reports.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.
In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities. The amicus brief is part of a U.S. Supreme Court case that could redefine a federal computer law.
The U.S. Cybersecurity and Infrastructure Security Agency is ordering most executive branch agencies and departments to create vulnerability disclosure programs by March 2021. Some agencies, such as the Pentagon, already have robust programs in place.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.