In the wake of the Punjab National Bank breach and other bank breaches, cyber insurance companies are seeing an uptick in demand for their products, says Anup Dhingra of Marsh India, an insurance brokerage and risk management firm.
A group of suspected Chinese cyber espionage actors, dubbed TEMP.Periscope or Leviathan, has re-emerged, targeting the maritime industry as well as others, according to a report from FireEye. Many of those targeted have connections to the South China Sea.
Al Pascual of Javelin Strategy and Research discusses a new report that shows that while crypto wallets may be considered to be at the sharp end of payments innovation, the security vulnerabilities they face are much the same as those that already exist in digital banking and payments.
A recent alert from the Department of Homeland Security warning of vulnerabilities in certain medical imaging products from GE Healthcare is a reminder to other medical device makers and healthcare entities about the risks posed by hardcoded and default credentials.
To help identify and mitigate the next generation of Spectre and Meltdown speculative execution flaws in CPUs, Microsoft and Intel are offering researchers up to $250,000 if they share their discoveries as part of a coordinated vulnerability disclosure program.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
Vendors play a critical role in supporting key business functions. As a result, companies need to take responsibility for managing their security and risk with the partners they choose, but current methods for managing that risk are inefficient.
A March 2018 study conducted by Forrester Consulting on behalf of...
A U.S. power company, unnamed by regulators, has been fined a record $2.7 million for violating energy sector cybersecurity regulations after sensitive data - including cryptographic information for usernames and passwords - was exposed online for 70 days.
A set of vulnerabilities in AMD chipsets that gives attackers enduring persistence on machines appears to be legitimate. But experts are questioning the motivations of the Israeli security company that found the flaws, contending it ambushed AMD to maximize attention.
Security operations center, or SOCs, will not lose their relevance even as Cyber SOCs become more common because both have strengths and weaknesses, says Shiju Rawther, head of technology infrastructure and security operations at a credit bureau in India.
Whoever unleashed malware built to disrupt last month's Winter Olympics in Pyeongchang, South Korea, designed it to look like it had been executed by a group of hackers tied to North Korea. But researchers at the security firm Kaspersky Lab say any such attribution would be false.
Penetration testing can help find vulnerabilities that aren't typically identified by scanning and other monitoring. But the testing comes with some risks, Duke Health CISO Chuck Kelser and pen tester John Nye explain in a joint interview.
Too many organizations lack an effective strategy for using the latest security technologies to protect their data centers, says Sridhar Pinnapureddy, founder and CEO at CtrlS Datacenter, Asia's largest Tier 4 data center.
In yet more evidence of the security shortcomings of government websites in India, a researcher determined that the websites of Bharat Sanchar Nigam Limited, or BSNL, the state-run telecommunications company, were hackable because of SQL injection vulnerabilities.
Although more organizations are adopting cloud access security broker technology, CASB policy templates and runbooks, as well as best practices, are still evolving, says Rohit Gupta, group vice president for cloud security products at Oracle Corp.