TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.
The director of Britain's GCHQ intelligence agency said at this week's CyberUK conference that declassifying and putting "time-critical, secret information" for stopping online threats into the public's hands "in a matter of seconds" is an imperative.
Asset management - it's not the most exciting thing in the world. In an industry with technologies like automation, machine learning, and AI, asset management doesn't get a whole lot of attention, but it's foundational and one of the biggest problems organizations face today.
Security teams' jobs continue to get...
Organizations face a variety of security challenges as they attempt to secure their environments from the ever-changing threat landscape. As they look to gain more insight from their security devices, while gaining improved speed to detect and respond, managed detection and response is becoming a go-to solution.
The rapidly changing cybercrime landscape has required organizations to seek new methods, such as machine learning, that enable systems to learn, adapt, and uncover emerging fraud patterns quickly. However, there are many debates about the merits of machine learning models for fraud detection and which one works...
Changes in development models, architecture designs, and the infrastructure where we run applications over the past 5-10 years have made modern applications look nothing like they did a decade ago. So why are most companies still using legacy web application firewall (WAF) defenses that were not built for modern web...
By adopting DevSecOps practices, security is finding itself adding significant value to organizations, helping them move faster and safer by working with development and operations teams. Yet according to the SANS 2018 survey, Secure DevOps: Fact or Fiction?, adoption is still in its infancy, and most organizations...
The practices of DevOps, Continuous Delivery and Agile have become common place for some time now among the development and operations teams in most organizations, and now they are surfacing in security teams. This change is rippling across the organization and breaking down silos for software delivery. Teams are...
Research results from over 1,000 global key decision makers with visibility over access management confirm that security professionals are aware that a breach is only a matter of time, with 50% of respondents having already suffered a serious breach or expecting to experience one over the next six months (up from 42%...
A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns. Experts say defenses against DNS hijacking lag.
From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.
Watch this brief video interview to learn more about how the city of Westland achieved their security goals by harnessing AI to gain the most real-time visibility into their environment.
When it comes to browser security, one mistake made by consumers and enterprise alike is that they see the browser as a one-way window into the internet. The reality is quite different - and potentially costly if overlooked, says Pieter Arntz of Malwarebytes.
In an all-digital world, ID theft is everywhere and is holding companies back. Companies in every industry are seeing a very real and significant impact on their goals. ID fraud isn't just a nuisance; it's a true threat to the business. Traditional identity verification (IDV) methods are increasingly compromised and...
The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
