The recent fix for a zero-day flaw in Microsoft Office appeared more than five months after Microsoft was privately alerted to the flaw, and followed months of it being exploited via in-the-wild attacks. Can Microsoft do better?
When it comes to vulnerability management, many organizations opt to protect only their most critical security gaps - but, meanwhile, the criminals exploit the secondary vulnerabilities. Kevin Flynn of Skybox Security explains why context is everything in managing vulnerabilities.
Mayra Koury wears a lot of hats at $2 billion Tech Credit Union in San Jose. One of them is fraud investigator. Hear how she single-handedly staked out the institution's ATMs and helped law enforcement catch a skimming fraudster in action.
Many media outlets have suggested that the recent arrest of a Russian computer programmer ties to the 2016 U.S. presidential election meddling blamed on Russia. But the only source for this supposed connection traces to a Russian propaganda arm that's been blamed for participating in said meddling.
A look at how top security vendors share cyberthreat intelligence leads the latest edition of the ISMG Security Report. Also, states taking up legal efforts to assure the safety of medical devices and apps sold to consumers.
Larger hospitals, especially teaching institutions, appear to be at greatest risk for health data breaches, says a new study. But what are the major contributing factors?
A report outlining new ways to recruit and retain cybersecurity professionals in the U.S. federal government leads the latest edition of the ISMG Security Report. Also, the sector considered the most cybersecurity challenged, and the growing interest in virtual private networks.
Legislation to direct the National Institute of Standards and Technology to create a set of tools, best practices and guidance to help small businesses protect their digital assets is heading to the U.S. Senate.
Now that President Donald Trump has signed legislation to eliminate the Federal Communications Commission's oversight of the way internet service providers sell their customers' information, could other jurisdictions - such as states - step in?
Cybersecurity in the healthcare sector, which remains inadequate, could be boosted with better threat information sharing as well as improved collaboration with federal agencies, several experts told a Congressional panel April 4.
A North Korean IP address has turned up in an investigation by Kaspersky Lab into attacks against banks' SWIFT systems. The finding is a strong indication that the Lazarus hacking group may be run by North Korea.
The latest edition of the ISMG Security Report leads off with an interview with the co-editor of a new book, Inside Threat, who uses examples from the physical world that can be applied to the virtual world. Also, organizations fall short on offering identity protection services.
The security landscape has shifted significantly for financial services organizations. And now they must use digital transformation as the impetus to evolve their cybersecurity strategies, says Bruce Roton of Level 3.
Collaboration between medical device manufacturers and ethical hackers who discover vulnerabilities is getting better, but there's still plenty of room for improvement, says Bill Aerts, the former global privacy and security officer of Medtronic.
The Department of Health and Human Services is making progress in building its new team to lead IT-related efforts, including addressing health data privacy and security matters. Among the appointments: Donald Rucker, M.D., is the new national coordinator for health IT.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.