Apache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response experts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.
Blockchain has potential for identity-based applications, but there are many aspects of identity and access management that a blockchain alone doesn't solve, says Ian Yip of McAfee.
Microsegmentation is an effective way for defenders to limit the amount of access an attacker has inside a data center and stop lateral movement, says Stanley Hsu of Illumio.
Many organizations don't have a full grasp of their digital footprints, which attackers analyze closely when plotting intrusions, says Hans Barre of RiskIQ.
Artificial intelligence can be used to create a model of an organization's infrastructure that can make detecting ransomware easier, says Alberto Pelliccione of ReaQta.
Australia is taking an aggressive approach to securing its critical infrastructure, which is vital to public safety and the economy, says Australian Member of Parliament Gai Brodtmann.
The quality and completeness of data is key to being able to perform meaningful analytics to detect malicious events, says Damien Smith of Australia's ANZ Bank.
Business intelligence technologies are increasingly being used with artificial intelligence to extract events that defenders need to know about, says Anurag Sanghai of Intellicus.
Layering defenses and maintaining strong security postures help mitigate risks as an organization's attack surface expands, says Narelle Devine, CISO of the Australian Department of Human Services.
Although the outlook for advancing interoperable, secure national health information exchange is promising, many significant challenges still must be overcome, says David Kibbe, M.D., founding president and outgoing CEO of DirectTrust.
With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebook's CSO, says there isn't time to properly safeguard this year's elections. But here's what he says can be done in time for 2020.
Facebook, Twitter and Google have suspended or removed hundreds of pages and accounts tied to two separate alleged influence operations being run by Iran and Russia. Cybersecurity firm FireEye says the campaigns target the U.S., U.K., Latin America and Middle East.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
