Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.
The new year has kicked off with a flurry of data security company acquisition activity; five deals have already been announced. Companies making acquisitions are striving to improve their secure access service edge - or SASE - posture, enter new markets or bolster their technology portfolios.
Among remote workers, senior managers apparently are taking cybersecurity hygiene far less seriously than rank-and-file employees, a recent survey shows. Kathy Ahuja of OneLogin offers an analysis.
After the occupation of the U.S. Capitol by pro-Trump rioters Wednesday, an emergency response plan to ensure federal computers were locked down apparently was not activated, some experts say. As a result, federal security teams are likely scrambling to detect and repair any damage done.
The massive pro-Trump demonstrations that saw large crowds riot and then occupy the U.S. Capitol building in Washington pose a significant potential cybersecurity threat as protesters appear to have gained access to at least one lawmaker's office, along with computer systems and other devices, some experts say.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
New regulatory provisions that allow healthcare systems to make donations of cybersecurity technology and services to physician practices could help greatly bolster security in the sector, says attorney Julie Kass of law firm Baker Donelson.
The FBI is warning of a rise in "swatting attacks," which see hackers use compromised email accounts to access poorly-secured home smart devices that are equipped with cameras and voice capabilities to make hoax calls to emergency services.
Identity management will be at the forefront of securing remote work in the coming year. Jason Bohrer, new leader of the Secure Technology Alliance and the U.S. Payments Forum, describes key initiatives as he steps into this role.
The growth in the use of telehealth during the COVID-19 crisis means that healthcare providers must carefully reassess and bolster the security of the connected devices, applications and systems used, says Kelly Rozumalski of the consultancy Booz Allen Hamilton.
Federal, state and local governments are among the many victims of the supply chain attack that backdoored the SolarWinds' Orion network-monitoring software, and victims "may need to rebuild all network assets" being monitored by the software, the U.S. Cybersecurity and Infrastructure Security Agency warns.
The Department of Homeland Security is warning U.S. companies about data theft risks associated with the use of Chinese technology and digital services, citing a new law in China giving the government the right to access data.
In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Several tech giants, including Microsoft, Google, Cisco and VMware, have filed a brief backing Facebook's lawsuit against Israel-based spyware firm NSO Group, which has been accused of hacking into Facebook-owned WhatsApp's instant messaging app to enable spying by the company's clients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.