Organizations are increasingly moving their mission-critical applications and data to Amazon Web Services (AWS) and taking advantage of the massive compute power of Amazon Elastic Compute Cloud (Amazon EC2).
Super Micro Computer says a third-party audit of its recent and older motherboards has not turned up evidence of a spying chip as alleged in an explosive report two months ago by Bloomberg BusinessWeek. Bloomberg, however, has stood by its story despite no physical example of the malicious chip turning up.
By building in some risk intelligence upfront, organizations can upgrade their security operations centers and reduce the noise from the sheer volume of alerts and false positives, says Ganesh Prasad of RSA, who shares insights.
In the wake of the recent Marriott and National Republican Congressional Committee data breaches, now is the time to get your board's attention regarding breach response and public disclosures. Attorney Mark Rasch offers insights for preparing and practicing response plans.
The data being used to drive effective anti-fraud efforts can be rich in context and useful for other activities. Jim Apger of Splunk describes emerging fraud schemes and solutions, highlighting the role of machine learning.
The fraudsters have more tools and information than ever at their disposal to pull off socially engineered schemes. But how can the victims turn the tables? Agari's Andrew Coyle discusses new tools and strategies to improve defenses.
The lack of standardization is one of the significant challenges when securing OT environments. Customizing and aligning OT security with the business is key, says Uday Deshpande, CISO at Mumbai-based L&T Group.
The latest edition of the ISMG Security Report features an analysis of the validity of reports that China is behind the massive Marriott data breach. Also: Fascinating details in a Congressional report on the Equifax breach, and a clear explanation of "self-sovereign identity."
Hackers linked with China are suspected to be behind the four-year breach of Marriott's Starwood guest reservation system, according to several news reports. The suggestion is likely to contribute to increased tension between the U.S. and China.
Breach victims who sign up for free fraud-monitoring services from breached businesses that lost control of their data often sign away their right to join class-action lawsuits or pursue other legal actions, and Marriott proved to be no exception, following its mega-breach. But it now appears to be backing off.
Is there anything better than being offered one year of "free" identity theft monitoring? Regularly offered with strings attached by organizations that mishandled your personal details, the efficacy and use of such services looks set for a U.S. Government Accountability Office review.
Google says a buggy API update it pushed last month for its soon-to-be-mothballed Google+ social network exposed personal information for 52.2 million users. The data-exposure alert arrives just two months after Google admitted that a March problem with the same API exposed data for 500,000 users.
The massive data breach suffered by Equifax in 2017 "was entirely preventable," according to a report released by the House Oversight Committee's Republican majority. Some Democratic lawmakers have slammed the report for failing to advance legislative or oversight changes to help prevent breaches.