The Indian Railway Catering and Tourism Corp. took two years to fix a security vulnerability that could have given hackers unfettered access to the personal information of passengers, a researcher claims. Some security practitioners question whether government agencies pay enough attention to data security.
As the threat landscape evolves, it becomes a game of survival of the fittest. Only the best attacks and attackers remain standing, and the result is a series of targeted ransomware attacks that now cost global enterprises millions of dollars per year. This is among the important findings of the Sophos 2019 Threat...
Google is investigating an unorthodox routing of internet traffic that on Monday sent traffic bound for its cloud services instead to internet service providers in Nigeria, Russia and China. Security experts say border gateway protocol is to blame and no easy fix is in sight.
French film production and distribution company Pathe fired the two senior managers overseeing its Dutch operations after they fell victim to a business email compromise scam and approved $21 million in transfers to fraudsters. Many organizations remain at high risk from such scams.
Rather than creating a new commission to take the lead role on data security, the government of India is giving the Telecom Commission that role and renaming it the Digital Communications Commission, making it a primary custodian of citizens' data.
Hackers behind the FASTCash ATM cash-out attack campaign - tied by the U.S. government to North Korea - use Trojan code designed to exploit bank networks running outdated versions of IBM's AIX Unix operating system, Symantec warns.
The days of effective CISOs being pure-play technologists are long gone. Instead, CISO Paul Swarbrick says the role demands someone who is expert "in people, and management and risk," and who is skilled at bringing to bear the right experts for every strategic challenge they identify.
How can organizations get the most out of partnering with managed security services providers and avoid common pitfalls? Cybersecurity consultant Vito Sardanopoli, an experienced CISO, offers top tips.
Join our expert as we look into some of the most effective and crippling threat trends from the last quarter, including a rise in the use of cryptojacking with refined sophistication, making it harder to detect.
Watch this webinar to learn more about:
The current threat landscape and future trends to watch out...
U.S. Attorney General Jeff Sessions resigned on Thursday at the request of President Donald Trump. While long expected, the move raises questions about the fate of an ongoing investigation into Russia's election hacking.
This research report examines the difference in time between when a public exploit for a vulnerability is published
and when users actively assess it. These two events represent the first move the attacker and defender make.
The premise of this paper is that this delta is an indicative metric in determining Cyber...
The challenge when designing technology for critical national infrastructure sectors is that it must be securable today and remain resilient to cyberattacks for decades to come, says cybersecurity Professor Prashant Pillai.
Georgia quietly fixed two flaws in its voter registration website that could have exposed personal information. How the secretary of state's office discovered the flaws and reacted suggests it may have erred when making a sensational accusation against the Democrats on the eve of the U.S. midterm elections.
Criminals wielding crypto-locking ransomware - especially Dharma/CrySiS, GandCrab and Global Imposter, but also SamSam - continue to attack. Insurance firm Beazley says cyber claims for ransomware have increased in recent months, with the healthcare sector hardest hit.
An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom. This case offers important reminders to other healthcare entities and their vendors about advance planning.