Researchers have released details of a serious vulnerability in Microsoft's Exchange email server, nicknamed "ProxyToken." The bug, which was patched by Microsoft in April, could be exploited to copy emails from Exchange inboxes.
What makes software security effective? Ultimately, effective software security needs to integrate and automate both accurate testing and remediation into developer workflows, train developers to avoid security flaws, and prove your security posture -- otherwise, you are choosing between speed and risk. This is even...
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
Google has removed eight fake cryptomining apps from its Play Store, but researchers at security firm Trend Micro have flagged 120 other apps on users' phones purporting to also be cryptomining. Users paid for services the eight apps never delivered.
Competing for customer loyalty in a digital world is hard. To add to this challenge, security teams must defend the business from motivated adversaries who have evolved their tactics to bypass traditional defences and evade detection.
Any business that operates eCommerce applications or manages user accounts of...
Competing for customer loyalty in a digital world is hard. To add to this challenge, security teams must defend the business from motivated adversaries who have evolved their tactics to bypass traditional defences and evade detection.
Any business that operates eCommerce applications or manages user accounts of...
Microsoft's Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero-day. Microsoft's August security update covers 44 vulnerabilities, with seven rated critical. Intel and Adobe also made security fixes.
More organizations are taking a "privacy by design" approach to their applications, says Barry Cook, group data protection and privacy officer at VFS Global, a Dubai-based visa outsourcing and technology services company. It's part of an effort to balance privacy and the benefits of convenience.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
83% of organizations are looking for new monitoring approaches to handle today’s cloud complexity. IT teams are challenged with monitoring cloud services and mission-critical applications by separate tools which lead to swivel chair approaches, runaway costs, and fragmented operational data getting trapped in siloed...
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. attorneys' offices in 15 states and Washington, D.C., throughout 2020, according to an update posted by the Justice Department.
Virtual visits transformed the healthcare industry, making care accessible to remote patients online. This change, while beneficial, also meant that millions of healthcare workers and patients began to exchange sensitive healthcare issues over unvetted cloud apps that weren’t built to secure health...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.