Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
Recent failures of IT systems at some major airports and banks are a reminder that as an organization launches a digital transformation project, or seeks to move more of its processes to the cloud, those efforts won't necessarily proceed smoothly or securely, says Skybox Security's Justin Coker.
Explosive growth in network scale and complexity demands a next generation Public Key Infrastructure (PKI) management platform. Ted Shorter of CSS says security leaders must prepare now to take full advantage of next-gen PKI solutions.
Symantec says it has uncovered a cyber espionage campaign that targets telecommunications operators in Southeast Asia - as well as a defense contractor and satellite communications operator - and warns that the hacking group, dubbed Thrip, may be laying the groundwork for more destructive attacks.
The latest challenge to face CISOs: Finding the best way to keep their organization secure while at the same time navigating political edicts that may lack any technical detail or present solid facts or alternatives to suspect technology, says Jaya Baloo, CISO of KPN Telecom.
For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
About three dozen major health data breaches have been added to the federal tally in recent weeks, including a mix of hacking and unauthorized access/disclosure incidents. Here's an analysis of the latest statistics and the reasons behind the trends.
99% of account takeover attacks begin with automation, and they pave the way for future ATO. Today's sophisticated scripts can bypass traditional measures that rely purely on device intelligence or static data. Learn how to block sophisticated attacks with behavioral biometrics before they create fraud losses.
The explosion in the growth and diversity of devices linked to networks as a result of the internet of things and BYOD makes it more challenging to manage network security, says Wallace Sann of ForeScout.
The anti-Kaspersky Lab rhetoric continues to heat up, with the European Parliament passing a motion that brands the Moscow-based firm's software as being "confirmed as malicious." In response, Kaspersky Lab has halted all work with European institutions, including Europol, pending clarification.
Leading the latest edition of the ISMG Security Report: An analysis of how distraction tactics were used during a $10 million SWIFT-related hack at Banco de Chile. Also, a wrapup of Infosecurity Europe.
Security leaders have been addressing the global skills gap for better than a decade now, with little to show for it.
However, there is a new approach - leveraging software as a service to make up for the staffing shortfall.
The discussion really starts with software as a service. If you look at the benefits of...
Forrester recently surveyed 100 IT and IT security executives to understand the approaches and challenges your peers experience with user authentication and access management.
Curious to hear how you compare to your peers? Read the Forrester Report.
Cyberattacks and damages due to business email being breached dramatically increased again this past year. The FBI estimates $5 billion in losses worldwide as email continues to be a primary attack vector for the initial compromise.
As organization are moving to their email infrastructure to cloud solution like...