An identity and access management strategy for a hybrid cloud environment should include single sign-on as well as multifactor authentication, says Andrew Koh, deputy general manager and regional lead-Risk at Habib Bank Ltd. in Singapore.
Europe's highest court has invalidated the Privacy Shield, a data-sharing agreement between the EU and U.S., on the grounds that the U.S. offers insufficient protection for Europeans' privacy rights. Privacy advocates say the ruling should drive the U.S. to rethink its policies.
The latest edition of the ISMG Security Report analyzes the latest developments in banning Huawei technology from 5G networks. Also featured are discussions of how to respond better to cybercrime and whether we're on the cusp of a digital currency revolution.
COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins.
While the Wednesday hijacking of several high-profile and verified Twitter accounts appears to have been confined to a cryptocurrency scam, security experts are warning that the platform's security failures could lead to bigger attacks down the road.
Government officials in the U.S., U.K. and Canada issued a joint advisory Thursday warning that a Russian hacking group is targeting various research organizations in those countries involved in COVID-19 vaccine development.
Cybersecurity experts are pushing organizations to immediately patch a critical zero-day vulnerability in SAP's NetWeaver Application Server because threat actors are likely searching for networks that are susceptible to the flaw.
The Institute of International Finance, a global association of financial institutions, is focusing on strategies for using digital identification and machine learning to combat financial crime, says Matthew Ekberg, a senior policy adviser at the institute.
Several prominent business executives and politicians, including Joe Biden, Elon Musk and Bill Gates, had their Twitter accounts hijacked in what appears to be a cryptocurrency scam, according to news reports. Some security experts believe that two-factor authentication protections failed.
Microsoft is urging its customers to patch a "wormable" vulnerability affecting the Windows Server operating system that could allow an attacker to exploit an organization's entire infrastructure.
Fraudsters used phishing emails purporting to be a warning from Chase Bank about "unusual activity" on credit cards in an attempt to steal consumers' account credentials, according to Mariana Pereira of the security firm Darktrace.
Malware designed to provide backdoor access to corporate networks, gain administrative privileges and deliver additional payloads was hidden in tax software the Chinese government requires companies doing business in the nation to use, researchers at the security firm Trustwave report.
Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
The British government has officially reversed course and will now ban Huawei's telecom gear from its 5G networks. The ban on use of the Chinese firm's equipment, based in part on U.S. sanctions against the manufacturer, goes into effect at year's end.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.