From 2016 to 2019, sophisticated nation-state attackers preferred to target 10 vulnerabilities more than all others, the U.S. Cybersecurity and Infrastructure Security Agency and FBI warn in a new alert. They say many of these flaws are years old, yet remain unpatched and actively exploited.
What does workforce authentication look like today? And as this remote workforce becomes the norm, how do you envision workforce authentication in five years? These are the questions posed by Jeff Carpenter of HID Global in an upcoming roundtable discussion.
Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
Microsoft addressed vulnerabilities in a dozen of its software products in its Patch Tuesday update for May. And while none of the flaws are currently being exploited, several of the most critical flaws require immediate attention, the company says.
In the current work-at-home environment, keeping the workforce educated about critical cybersecurity practices requires "short, sharp bursts of education" that offer compelling messages, says Vicki Gavin, a former CISO who now serves as a cyber education consultant.
Enterprises are approaching customer identity and access management from multiple angles, and maturity is growing. These are takeaways from a recent roundtable discussion of CIAM myths and realities. Keith Casey of Okta discusses this event and his vision of CIAM.
There are three distinct scenarios for how the COVID-19 virus might spread over the next 18 to 24 months, says pandemic expert Regina Phelps. None is pleasant, but one may exact a smaller economic and human toll. And our next moves might determine which scenario unfolds.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.
The operators behind the Zeus Sphinx malware have added new features and functionality to the Trojan, and more cybercriminals have deployed it within phishing campaigns that use the COVID-19 crisis as a lure, according to IBM X-Force. The Trojan has become more efficient at stealing banking data.
New research shows it's possible to unlock a password-protected Windows computer in about five minutes by exploiting vulnerabilities in Intel's Thunderbolt hardware controller. The vulnerabilities add to a growing list of issues around Thunderbolt, which is used for connecting peripherals.
The Federal Trade Commission is assessing whether to make changes to a seldom-used, decade-old health data breach notification rule for certain technology vendors that do not fall under the umbrella of HIPAA.
After suffering a ransomware attack last October that left several systems inaccessible, mailing equipment manufacturer Pitney Bowes reports that it recently blocked another ransomware attack before any data was encrypted and says there's "no evidence of further unauthorized access to our IT systems."
What are some best practices for moving network security from the datacenter to the cloud? And what are the essentials of Secure Access Service Edge frameworks, and how can they be implemented? These are among the questions to be discussed in a new series of virtual roundtables hosted by Forcepoint and Homayun Yaqub.