Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
Nearly 50,000 personal records relating to Australian government employees as well as the employees of two banks and a utility were exposed to the internet due to a misconfigured Amazon storage server. The episode is the latest in a string of large breaches to hit Australia.
The United Kingdom might be greater than the sum of its parts. But when it came to the WannaCry outbreak, some parts of the United Kingdom did less great than others. Here's how the governments and health boards of Scotland, Northern Ireland and Wales are responding.
A new directive from the U.S. Department of Homeland Security elevates federal agencies' email security to the DMARC standard that's widely adopted by commercial email providers, including Google, Yahoo and Microsoft.
A Belgian security researcher has discovered a "serious weakness" in the WPA2 security protocols used to encrypt many WiFi communications. Attackers can exploit the flaws to eavesdrop as well as potentially inject code such as malware or ransomware into WiFi-connected systems. Prepare for patches.
An analysis on finding a replacement for Social Security numbers as an identifier for individuals leads the latest edition of the ISMG Security Report. Also, assessing Kaspersky Lab's responsibility for the hack of an NSA contractor's computer.
Leading the latest edition of the ISMG Security Report: A deep dive into how continuously monitoring user behavior could replace passwords as a means of authentication. Also, U.S. federal agencies continue to fall short on IT security.
In response to nation-state attackers targeting its account users, Google reportedly is planning to offer stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
It's the age of "open banking," and that means changes for banking institutions and their customers - as well as for the fraudsters. Shaked Vax of IBM Security Trusteer talks about new vulnerabilities and anti-fraud strategies.
Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
At a time when fraud is attempted across multiple channels and customers still demand a frictionless digital experience, Kevin Donovan of Biocatch makes the case for organizations to embrace the tenets of continuous authentication.
The effort to improve the matching of patients to all the right records from multiple sources may get a new boost from Congress. Learn about the latest effort to help ensure clinicians have secure access to all the right records for the right patient - and the implications for CISOs.