Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
In today's security environment, organizations have to realize that attackers are likely inside a company's environment already - no matter how well they're protected. As a result, security programs are now more proactive with analysts actively searching for the hackers that defeated their defenses.
Download this...
Some security experts have prophesied the demise of traditional Intrusion Detection and Prevention Systems (IDPS) for almost 20 years, but this cornerstone of network security continues to soldier on. While next-generation firewalls have added IDPS functionality, they are driven more by policies than true threat...
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
One of the most-heard complaints from security experts is that often they find their work repetitive ("The CFO's laptop has been compromised... again!"), which results in the desire of trying something "new", meaning "leave for another company." Another common complaint is that the work is very compartmentalized, and...
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
What makes Industrial Control Systems (ICS) so vulnerable to cyber attack? How does this impact the wider enterprise? With IoT-connected equipment and remote management on the rise, security has never been so important. Privileged Access Management (PAM) secures and controls access to critical Industrial...
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
Modernizing IT infrastructures by simplifying and automating workflows and processes can unlock capabilities that deliver on the digital transformation goals of your organization. Infrastructure modernization efforts across government, telecommunications, retail and the financial sector are a logical step toward...
The fact that Federal agencies are prime targets for the most sophisticated cyber threats is undeniable. If cyberattacks are inevitable, then robust capabilities for security investigation, threat hunting, and rapid response are essential. Government cybersecurity professionals require visibility across their silos of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
