A security audit of popular password managers has revealed some concerning weaknesses. Luckily, none of the problems are showstoppers that should put people off using such applications. But the research shows that some password managers need to more thoroughly scrub data left in memory.
Fast-food giant Wendy's has reached a $50 million settlement agreement with financial institutions that sued after attackers planted RAM-scraping malware on point-of-sale systems in 1,025 of its restaurants in 2015 and 2016, exfiltrating data for 18 million payment cards.
Recent apparently state-sponsored hack attacks have hit dozens of companies in the U.S. and political parties in Australia. Officials say China and Iran appear to have escalated their online espionage campaigns, seeking to gather better intelligence and steal intellectual property.
OT, IoT and systems targeted by cryptominers - those are among the main network security concerns of Greg Young, VP of cybersecurity at Trend Micro. Which technology trends should security leaders follow to improve network security? Young shares his insight.
This Valentine's Day, authorities are once again warning individuals to watch out for anyone perpetrating romance scams. The FTC says Americans lost $143 million to romance scams in 2017, while in the U.K., Action Fraud says reported romance scam losses in 2018 topped $64 million.
The 2019 RSA Conference offers an opportunity to learn about new concepts across all aspects of cybersecurity. One such area is "data gravity," which will be the topic of a session featuring Microsoft's Diana Kelley and Sian John. They discuss the concept in a joint interview.
What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.
The risk of cyberattacks on financial institutions (FIs) cannot be overstated. In the past year, there have been more than one billion cyberattacks on financial institutions. That is three hundred times more than any other industry, such as retail, insurance, or healthcare. At an average cost of $18 million dollars...
Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.
The evolution of the threat landscape has dramatically increased the size of the security team's technology stack. However, a large and complex security stack with low integration and too many point products will decrease system performance and create headaches for your understaffed security team.
In response,...
The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as backdoors for facilitating state-sponsored surveillance or disrupting critical infrastructure are not limited to America.
Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree of success, underscoring the difficulties around verifying identity on the internet.
Hackers have breached the Australian Parliament's network, although investigators say they have found no evidence that attackers stole any data. But Parliament's presiding officers said all users have been ordered to reset their passwords as a precaution.
Whether you have a security team of two or 100, your goals are to ensure the business thrives. And that means protecting
critical systems, users, and data, detecting and responding to threats, and staying ahead of cybercrime. But there are a number of serious challenges plaguing today's SOC that may impede your...
IT security teams have to protect their organizations from cyber attackers while also addressing internal and regulatory compliance requirements, such as ISO 27001, PCI DSS or GDPR. This is no small task. If you're relying on a basic log manager or rudimentary spreadsheets to store and search through logs, chances...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
