An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5 million customer records, including payment information, email addresses and other personal data for customers worldwide, white hat hackers discovered.
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
It's not enough to detect an attack. To be truly effective, defenders need to capture digital fingerprints and movement through the network. Lastline CEO John DiLullo discusses this level of defense.
In the expanded, virtual enterprise, security leaders face the challenge of defending an ever more complicated attack surface. How can they best understand and mitigate their risks? Kelly White of RiskRecon shares insights.
The problem: growing adoption of interconnected technologies is stretching capabilities of existing public key infrasructures (PKIs) and driving the need to stand-up new ones.
The challenge here is maintaining a strong root of trust across the enterprise PKI that fulfills the operational demands of more...
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
As organizations take on more ambitious digital transformation initiatives, their digital risk grows to new levels that require heightened management. RSA President Rohit Ghai explains the need for digital risk management.
Patch or perish, March edition: Microsoft releases fixes for 65 new vulnerabilities, including two that are being exploited in the wild. Also, Adobe issues updates for Photoshop and Digital Editions following a critical fix for a ColdFusion flaw that was being exploited in the wild.
Building a security program from the ground up is a challenging task. Rick Holland of Digital Shadows discusses implementing a new program and focusing on inclusion in the workplace.
Information security programs continue to rely not just on security policies, but also the controls that ensure they get enforced. Unfortunately, such controls begin degrading the moment they're put in place, sometimes rapidly, says Josh Mayfield, director of security strategy at Absolute Software.
Forget inside/outside the perimeter when mitigating risks. That's the notion behind "zero trust," which means applying risk-based controls to safeguard access, says Stephen Cox of SecureAuth.
With the number of vulnerabilities on the rise, and their severity increasing, how can you identify the biggest cyber threats to your business - and know what to fix first?
Download the "3 Things You Need to Know About Prioritizing Vulnerabilities" eBook now to:
Discover the 3 critical steps to building an...
Every security leader wants visibility into the potential attack surface. But that surface is changing in vast new ways, owing to the cloud and connected devices. Mario Vuksan of ReversingLabs defines what visibility truly means today.
Security incidents often result in damage, regardless of an organization's size. But for small and midsize firms, which often lack robust security defenses, the damage may be so severe that it means not only disruption but also the end of the business, says Vince Steckler of Avast.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
