An obscure routing protocol codified during the 1990s has come roaring back to attention after researchers found a flaw that would allow attackers to initiate massive distributed denial-of-service attacks. Researchers from Bitsight and Curesec say they found a bug in Service Location Protocol.
Six individuals - including five former employees of a Tennessee healthcare organization - have pleaded guilty to criminal HIPAA violations in an alleged scheme involving the sale of motor vehicle accident patient information to third parties. One of the defendants has been sentenced so far.
When you create proprietary code, even using a component of open-source code within a subcomponent could cause your project to become open-source code.Jeanette Sherman of Mend Security discusses the need to identify open-source code and the license types being used.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
ISMG editors are live at RSA Conference 2023 in San Francisco with an overview of the latest speakers and hot topics, including the continuing conversation about generative AI and the decline and fall of blockchain. Join us for daily updates from San Francisco.
Cybersecurity is "a full-time task" that requires a lot of discipline, says Ajay Sabhlok, CIO and chief digital officer at Rubrik. He discusses tips for increasing your company's cyber maturity, ideas about how CIOs and CISOs can align, and advice on what not to do, such as pay a ransom.
An Indian court convicted 11 people for their roles in the North Korean heist of $13.5 million in 2018 from Pune-based Cosmos Cooperative Bank. The United Nations attributed the thefts to North Korea, which uses criminal activity, including financially motivated hacking, to obtain hard currency.
The United Kingdom should augment its cryptocurrency asset seizure abilities as part of an effort to combat ransomware and other cybercrime, a parliamentary panel heard. The rate of seizures is not commensurate with the level of crypto adoption, said Aidan Larkin, CEO of Asset Reality.
Quantum computers and chatbots, as well as hype around blockchain, were topics discussed during The Cryptographers' Panel at RSA Conference 2023. For anyone who needs to keep data secure for more than 30 years, advice from panelist Adi Shamir was simple: Don't rely on public key cryptography.
ChatGPT is "amazing" and "has reformed the way we interact with computing," says Nikesh Arora, chairman and CEO of Palo Alto Networks. But to get value from AI and to use it to make the SOC more proactive, we need to have a lot of data - and pay attention to what it's telling us, he says.
Testifying before Congress in 1991, Winn Schwartau coined the term "electronic Pearl Harbor." The chief visionary officer of The Security Awareness Company stands by his prediction, pointing to a mounting number of attacks. Now the world needs to worry about security and privacy in the metaverse.
ChatGPT may be grabbing headlines, but many security practitioners are still skeptical about AI. ISMG editors at the RSA Conference 2023 in San Francisco discuss the hot topics this year, from the looming risk of the metaverse and our reality to the latest approach to cloud development.
The high-profile Equifax breach happened nearly six years ago. Jamil Farshchi, CISO of Equifax, discusses how the firm invested $1.5 billion, hired new staff and improved governance to prevent future attacks, but he says security organizations need to enter a new era of cooperation and transparency.
A European effort to wrest greater control over the infrastructure underpinning internet encryption has some security experts warning about degraded website security. The European Union is on the cusp of requiring web browsers to honor web certificates known as QWACs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.