Microsoft plans to roll out new decentralized identity and cloud infrastructure entitlement management products to extend secure access from users to workloads and apps. Microsoft Entra Permissions Management will be available on a stand-alone basis in July, and Verified ID will debut in August.
A data breach at Turkish firm Pegasus Airlines has put more than 6.5TB of sensitive electronic flight bag data at risk, including sensitive flight details, source code and staff data, researchers say. The misconfigured AWS S3 bucket that led to the incident has now been secured.
Three months after Russia’s ongoing invasion of Ukraine began, a report from the State Cyber Defense Center's Cyber Rapid Response Team takes a look back at the turbulence the nation has faced in its cyber sphere during Q1 2022 and considers the way ahead.
The healthcare sector is still behind many other critical infrastructure sectors in implementing critically important security technologies to protect against the rise in potentially devastating cyber incidents, says threat intelligence analyst Christiaan Beek of security firm Trellix.
The U.S. Cybersecurity and Infrastructure Security Agency has added 75 flaws to its catalog of known exploited software vulnerabilities. The vulnerabilities were disclosed in three separate batches of 21, 20 and 34 vulnerabilities on Monday, Tuesday and Wednesday, respectively.
Attention to anyone who manages a Microsoft Windows environment: Security researchers are tracking a zero-day vulnerability in Microsoft Office that's being actively exploited by attackers to run malicious code on a vulnerable system.
Manufacturing is a huge industry with massive amounts of critical data and IoT surfaces, and it is also a lucrative target for cybercriminals. CyberEdBoard member Shankar Karthikason discusses how to secure your OT environment and build an effective cybersecurity program.
The City of Quincy, Illinois' administrative systems were hit by a ransomware attack on May 7, confirmed Mayor Mike Troup in a press conference held on Tuesday. Consulting fees and a ransom were paid but critical services continued to operate throughout the incident.
Four ISMG editors discuss highlights from the London Summit, including the most concerning emerging threats if collateral damage from the Russia-Ukraine war isn't all it was reputed to be, building a cyber risk playbook to help businesses identify exposure, and stress and burnout in the workplace.
Police in Nigeria this week arrested a 37-year-old man who's been charged with masterminding "a criminal syndicate tied to massive business email compromise and phishing campaigns," Interpol says. But with known BEC losses last year exceeding $2.4 billion, will the arrest have a noticeable impact?
An increasing number of threat actors are deploying a free-to-use browser automation framework as part of their attack campaigns. Automation tools are expected to become a more common element of the threat actor’s toolkit, according to researchers at security firm Team Cymru.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.