The security operations center (SOC) faces mounting challenges: lack of personnel, disparate security tools, multiple alerts that must be run down, prioritization of alerts and the transition between incident detection and incident response.
Security affects and is affected by operational and IT considerations....
Networks are constantly evolving - and so are their attack surfaces. IT security pros must now contend with digital assets like cloud platforms, application containers, web applications, IoT devices, and industrial control systems. For those in critical infrastructure industries, the stakes are even...
Digital transformation (DX) continues to drive growth across financial services firms, creating new opportunities to increase revenue and foster innovation. Cloud - whether public, private or a hybrid approach - is foundational to achieving DX objectives, as is secure, resilient and scalable network connectivity....
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year ago. One major U.S. business was a recent victim as part of a cryptocurrency-mining malware campaign, a researcher reports.
Intel has had a challenging time lately on the vulnerability front. It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. The problem was a repeat of one that Intel patched just last year.
Keeping endpoint security up to date is a struggle for small to mid-sized companies that have fewer resources than larger companies, yet have the same risk of attack. And that risk is only increasing. In 2017, the number of ransomware attacks increased by 30x and the number of breaches increased by 40%.
While tech-support scams have proliferated for years, the FBI says losses tied to such fraud are now higher than ever. Google has pledged to crack down on fake tech-support listings. But fraudsters regularly employ a variety of channels, including cold calls, pop-up windows and phishing emails.
A lawsuit accuses Google of "the surreptitious location tracking of millions of mobile phone users." The legal action was sparked by a report demonstrating that some Google apps tracked and time-stamped users' locations even if a user deactivated the "location history" setting.
Why are attacks so successful? Legacy endpoint security products are creating more problems than they solve. There is too much cost and complexity, defenses aren't keeping up, and security staff is stretched thin.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.
Today's reality is that attackers are always present. Deception technology is purpose-built to stop advanced attacks and align security operations to top business risks.
In this white paper, we offer three examples of how financial services organizations are leveraging deception technology to get ahead of advanced...
The most costly attacks on ATMs are likely to be executed through the bank's corporate network. Although from inside the network, attackers cannot execute financial transactions on the ATM machines themselves, they can potentially gain access to the entire network of ATMs, as well as the related patch management...