Kaspersky Lab says it "inadvertently" scooped up classified U.S. documents and code from an NSA analyst's home computer, but suggests it wasn't the conduit by which the material ended up in Russian hands. It claims that the computer was riddled with malware.
A recently published 2017 survey of over 400 security professionals in the U.S., U.K. and Germany measured how well their organizations implemented security controls for SSH keys. The results show that most organizations are underprepared to protect against SSH-based attacks, with fewer than half following industry...
Take control of your SSH keys to minimize your risk of intrusion
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
SSH is used for secure administrative access, but what happens if it's not secure? Despite the sweeping access SSH keys grant, including root access, most are not as tightly controlled as their level of privilege requires.
If your organization doesn't know which administrators or SSH keys have access to which...
Kevin Roose of the New York Times writes, "If there's a single lesson Americans have learned from the events of the past year, it might be this: Hackers are dangerous people." It's true - In the past year alone, not only have we witnessed hackers take down giant corporations like Equifax, but also, we've seen them...
Clearly, adherence to HIPPA, NIST and other regulators in healthcare is paramount, but that does not mean that your organization isn't vulnerable to cybercrime hacking. When the average breach is worth $3.62 million with $380 per patient record compromised (as per Ponemon's 2017 Cost of
a Data Breach Report), the...
Since last year, North Korean hackers have been targeting businesses in the financial services, aerospace and telecommunications sectors by exploiting a remote administration tool, or RAT, according to an alert issued Tuesday by the United States Computer Emergency Response Team.
In the year ahead, cyber threats to the healthcare sector will continue to evolve from attacks primarily involving the theft of health data to assaults aimed at disrupting organizations' operations, predicts Sean Murphy, CISO of health insurer Premera Blue Cross.
A top DHS cybersecurity official says she has seen no conclusive evidence that Russian-owned Kaspersky Lab's security software had been exploited to breach federal information systems. Jeanette Manfra told a House panel most agencies have complied with a directive to stop using Kaspersky software.
Learn how to adopt DMARC for email security to meet DHS' binding operational directive (BOD) 18-01. Get information on Federal Government DMARC best practices to set up a "monitoring" policy in 90 days and move to "reject" in under a year.
Download this guide that discusses:
The history and foundation of what...
Are you ready for Binding Operational Directive 18-01? On October 16, 2017, the U.S. Department of Homeland Security issued this directive mandating all federal email domains to implement DMARC to strengthen email security.
Download this report to learn:
How federal agencies are vulnerable to phishing and email...
Download this whitepaper to view the Ins and Outs of DMARC. It will provide a high level overview on DMARC:
Learn how DMARC policies work
Visual effects of spoofing after DMARC reject policy is in place
How to get started
Secure your email. Stop phishing. Protect your brand
Download this guide that can help you protect your enterprise and your customers from phishing and brand abuse. Included in the DMARC guide is:
The DMARC fundamentals and how it works
A closer look into standards such as SPF, DKIM & DMARC
Steps to put DMARC...
In a world of constant data breaches, where all consumer PII data is exposed, financial institutions are seeking innovative ways to authenticate customers, verify identity and prevent account takeover. This is leading to investment in a world of innovative authentication methods but that also means FIs find themselves...
All U.S. publicly traded companies should review how they internally disseminate breach information and expect to see revised cybersecurity guidance, says William Hinman, the director of corporation finance for the U.S. Securities and Exchange Commission.