Financial services organizations face unique cloud security challenges, due to special regulatory, data security and privacy considerations that don't necessarily apply to other industries. Security and payments experts with overlapping skill sets unpack the challenges and how to deal with them.
Cybersecurity organizations are constantly monitoring systems for signs of a breach and patching vulnerabilities, but the real focus should be on enterprise risk. Nick Sanna, president of FAIR Institute, makes the case for implementing a risk-based approach to cybersecurity.
Startup Lumu edged out larger incumbents Extra Hop, Arista Networks and Trend Micro for the top spot in Forrester's first-ever network analysis and visibility rankings. The percolating of federal zero trust mandates into the civilian world prompted Forrester's evaluation of providers in the market.
Federal regulators are once again reminding healthcare entities and their vendors of the importance of using strong multifactor authentication to help fend off hacks and other compromises, but they also warn about avoiding common mistakes with MFA.
Critical services in the Netherlands could be a potential target of ransomware and hacktivist attackers with ties to Russia as a means to sow large-scale disruptions in the country, according to a Dutch National Cyber Security Center warning this week.
The United States is further fortifying its critical infrastructure security with a new Cybersecurity and Infrastructure Security Agency program that enhances the cyber resilience of participating partners leveraging the agency's advanced threat detection and monitoring capabilities.
The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
"Exposure management has become top of mind for most CISOs" due to three factors: the uncertain geopolitical landscape, the proliferation of the cloud and an increased focus on regulations and compliance, according to Sarah Ashburn, Chief Revenue Officer at Censys.
Attackers targeting the supply chain are "quite predictable in their movements; they want to persist their access, so they're looking for credentials," said Mackenzie Jackson, developer advocate at GitGuardian, who recommends deploying honeytokens to track the predictability of criminals' actions.
With the growth of generative AI services, organizations want better control of the data going in and coming out of AI. Talon CEO Ofer Ben-Noon discussed how his firm has built a DLP compliance model around generative AI services that blocks healthcare information or SWIFT data shared with ChatGPT.
Big banks want social media firms to take accountability for scams that occur on their payment platforms, but that doesn’t mean reimbursing victims. Banks need to take the lead in making victims whole quickly. And big tech and telcos need to kick the scammers out of their platforms.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links.
The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
The U.S. Department of Health and Human Services has notified Congress that the information of at least 100,000 individuals has been compromised in hacking incidents at HHS contractors involving exploitation of a flaw in managed file transfer software MOVEit from Progress Software.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.