Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.
The Cybersecurity and Infrastructure Security Agency is reminding government agencies to continue using an approved DNS resolution service at a time when a large portion of the federal workforce has been shifted to home offices because of the COVID-19 pandemic.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
A shareholder has filed a lawsuit against LabCorp and 12 of its executives and directors - including the medical testing company's CIO - over two data breaches, including the 2019 breach of one of its vendors, American Medical Collection Agency, which affected millions of patients.
What should an enterprise do when someone reaches out and claims to have the company's data or information about a breach? Although it can be a delicate situation to manage, there are sound approaches enterprises can take, says data breach expert Troy Hunt.
Four CISOs, two CEOs, one global crisis. These are the ingredients for an exclusive panel discussion on how enterprises have emerged from the cybersecurity challenges of COVID-19 and how they are building the foundation for an entirely new way to live and work post-pandemic.
Because the COVID-19 pandemic had led to more employees working from home, cloud services have become indispensable, but the pressure is on organizations to ensure security, says Jim Reavis, CEO of the Cloud Security Alliance.
Vistra Energy, a Texas-based power generation firm, recently underwent a network transformation project. CISO Paul Reyes, joined by Zscaler's Dan Shelton, opens up on how to make the move to cloud-based models and what it can do to support your business.
It's not so much that the threats have changed amidst the COVID-19 pandemic. It's that the attack surface has broadened, and it's more challenging for defenders to coordinate intelligence, tooling and processes, says Jimmy Astle of VMware Carbon Black.
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
Australia's pandemic contact-tracing app may be released by the end of the month. The app will collect names and phone numbers, enabling health authorities to contact those who've been exposed to people who have been infected with COVID-19.
The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."
Modern enterprises are large and complex - and so are their IT environments. How does this complexity translate to securing access in hybrid environments? Frederico Hakamine of Okta breaks down the challenge and discusses solutions.
The global pandemic has revealed a lot about the extended remote workforce and its haves and have-nots, says Mike Kiser of SailPoint Technologies. In a preview of an upcoming virtual roundtable, he describes the cybersecurity forces shaping the new post-crisis workforce.