Intel faces 32 lawsuits filed over the trio of flaws in its CPUs known as Meltdown and Spectre, seeking damages for the security vulnerabilities as well as alleged insider trading. The flaws have also been cited in lawsuits against chipmakers AMD and ARM, as well as against Apple.
Information security and risk management teams are frequently asked to update their Board of Directors with the cybersecurity posture of both their company and their vendors. Gartner estimates that by 2020, 75% of Fortune 500 companies will treat vendor risk management as a Board-level initiative to mitigate brand and...
Tracking risk across the vendor ecosystem is the best way to stay ahead of cybersecurity threats.
Download this whitepaper and learn how you can transform your vendor risk management with:
Financial services firms continue to be a favorite target of threat actors, who are launching attacks that are increasingly subtle, complex, and dangerous. Even though financial institutions might maintain tight security over their own operations, lapses on the part of third-party vendors can provide malicious hackers...
Point-in-time risk assessments no longer provide enough timely, relevant data to support effective risk management efforts. In response, third-party risk intelligence (TPRI) solutions enrich internal assessment data with external information and analysis.
Download this Forrester report and learn:
In an exclusive, in-depth analysis, a panel of security experts concludes that India's recent Aadhaar data security conundrum, resulting in identity theft and data breaches, was due to poor implementation of security, monitoring and authentication mechanisms.
The reality of just being able to know what's in the environment is to know where organisations are vulnerable so they can then take the right approaches to addressing it.
A frustrating factor with WannaCry is that it leveraged a known vulnerability, one that had been disclosed for over a month. The patch had...
As a long-time security leader, Qualys CISO Mark Butler has watched the evolution of security tools and platforms. The best-of-breed approach still has value, but also has failed us, he says. How can automation and orchestration provide new business value?
As threats and attacks become more frequent, the alerts and alarms to be investigated become more unmanageable. Plus, by the time the warnings are checked, the damage may already be done. We need a new paradigm that moves the enterprise from reactive to predictive. Can user behavior analytics and machine learning...
How bad does a third-party fix have to be for Microsoft to issue a rare, weekend update that helps IT administrators disable it? A security update from Microsoft allows users to disable a faulty Intel firmware update that can lead to frequent rebooting as well as lost or corrupted data.
How much does it cost to buy cybercrime-enabling products or services? Just $5 and up, security researchers say. Law enforcement agencies warn that small-time players as well as "serious and organized" crime rings are using cybercrime as a service to make illicit profits.
Technology giants are still struggling to identify what's at risk from the Spectre and Meltdown flaws in modern CPUs, never mind getting working security updates into users' hands. In the meantime, expect a rush by researchers to find more flaws in microprocessor code.
In separate cases, two hackers have either pleaded guilty or been sentenced to serve jail time in part for launching or facilitating DDoS attacks. One defendant, John Kelsey Gammell, was unmasked after taunting a former employer over the "ongoing IT issues" his DDoS attacks were causing.
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.