Researchers with Armis have disclosed 11 zero-day vulnerabilities in the VxWorks real-time operating system that is used in some 2 billion embedded devices. Of all the "Urgent/11" vulnerabilities, six of the flaws are considered critical.
A Seattle-area woman has been charged with accessing tens of millions of Capital One credit card applications after allegedly taking advantage of a misconfigured firewall. The incident is likely to increase calls for better corporate caretaking of sensitive consumer data.
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
The promise of cloud and mobility is to provide access to key services quickly and from anywhere at any time from any device. Zscaler's Lisa Lorenzin opens up on zero trust network access technologies, which provide a secure alternative to legacy methods.
National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further.
A medical center and a children's hospital in Puerto Rico are victims of a recent ransomware attack impacting a total of more than a half million individuals. The combined incident is the largest ransomware breach reported to federal regulators so far in 2019. How is this threat evolving?
A report from the U.S. Senate Intelligence Committee finds that Russia targeted election systems and infrastructure in all 50 states during the run-up to the 2016 Presidential elections. The committee, however, could find no evidence that vote tallies were altered.
Many organizations use Active Directory as their domain network management tool of choice. But security experts warn that without locking down and regularly auditing AD, the ease of use that it provides to network administrators can also be tapped by hackers. Start here for essential defenses.
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches.
Warning: Attackers are abusing poorly secured and managed implementations of Microsoft Windows Active Directory to hack organizations and distribute ransomware. Fewer old operating systems and greater Active Directory security knowledge are helping mitigate the threat. But experts say more must be done.
The U.S. Justice Department and the Federal Trade Commission officially announced a privacy settlement with Facebook that includes a record-setting $5 billion fine. As part of the agreement, CEO Mark Zuckerberg must submit quarterly and annual reports to show that the company is in compliance with the FTC order.