Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.
What challenges does a CISO face when dealing with issues facing several industries? Abid Adam of Axiata Group, a conglomerate based in Malaysia, describes his efforts to manage privacy and security in three diverse sectors.
Virtual Care Provider Inc., which provides cloud hosting and other services to more than 110 healthcare entities, including nursing homes and assisted living facilities, is struggling to bounce back from a ransomware attack in which hackers demanded a $14 million ransom.
An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers.
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.