With at least 20 billion new consumer devices set to be internet-connected by 2020, initiatives in the U.K. and California are trying to ensure that as many IoT devices as possible will be out-of-the-box secure, for starters by not shipping with default passwords.
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships. But the gang's marketing savvy belies shoddy code-development practices, security firm McAfee finds.
For too many organisations, software vulnerability management is just about "patch Tuesday." Vulnerability management has evolved significantly in the past few years. Organisations need to adopt a new strategy focusing on visibility, prioritised response, and mitigation.
When you look back at the wave of...
A notorious group of payment card-stealing gangs called Magecart has been tied to another series of online attacks, this time against Shopper Approved, an e-commerce service used by thousands of sites to gather reviews from customers.
Benchmarking your software security initiative can tell you if you are keeping pace with your peers, or if you should accelerate your efforts to rise above the competition. The results of a benchmarking assessment can help you identify new security strategies and prioritize scarce resources to be most effective....
Did the Chinese government pull off one of the most secretive hardware hacks of all time? That's what information security experts are pondering after a Bloomberg report described an espionage operation that purportedly planted a tiny spying chip on widely distributed server motherboards.
Warning: Attackers behind the recently revealed Facebook mega-breach may still be able to access victims' accounts at some third-party web services and mobile apps, and Facebook has offered no timeline for when a full lockdown might occur - although there are no signs of third-party account takeovers.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
While Facebook has invalidated 90 million users' single sign-on access tokens following a mega-breach, researchers warn that most access token hijacking victims still lack any reliable "single sign-off" capabilities that will revoke attackers' access to hyper-connected web services and mobile apps.
For too many organizations, software vulnerability management is just about "patch Tuesday." But Alejandro Lavie of Flexera says organizations need to adopt a new strategy focusing on visibility, prioritized response and mitigation.
It may seem silly to wonder how safe your backups are; backups are rarely
thought of as being at risk. It stems back to a time when backups were on
tape - a medium that would be tough for even skilled developers to hack. But
today's backups are stored (whether on-premises or in the cloud) on disk or,
If you are reading this, it means you are taking time out of your busy schedule to search for data protection solutions. Data protection is not meant to be exciting; it's meant to automate the boring parts through automation so that your company stays out of the negative headlines.
"You get paid for...
Modern backup is still too complicated. Adding to the woes of the modern backup administrator
is the fact that very few organizations get to tear
their entire IT apparatus down and take a completely
modern, greenfield approach. In the real world, data
centers are the result of incremental growth. With that growth...