Adobe has released security updates to address eight vulnerabilities, which, if exploited, could enable an attacker to take control of an affected system.
Legacy tools and applications often prevent enterprises from adopting monitoring approach, says Ranndeep Chonker, manager security & risk practice, Asia & India at ServiceNow.
Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
Traditionally, software development training falls short on security. And as enterprises embrace the “shift left” movement, that gap puts them at risk. Veracode’s Dave Ferguson discusses the gap and how Veracode’s new Security Labs was developed to fill it.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
The cybersecurity firm McAfee Corp. announced Monday it will sell its enterprise business unit to the private equity firm Symphony Technology Group for $4 billion cash and then focus solely on its consumer business. STG also owns RSA.
Jeremy Grant, coordinator of the Better Identity Coalition, offers a progress report on the 3-year-old organization's efforts to help prevent breaches with better identity management.
Speech recognition has become a powerful tool for authenticating customers in a seamless manner, says Sekar Jaganathan, director of digital strategy at Malaysia’s Kenanga Investment Bank.
Supermicro and Pulse Secure have each issued advisories warning users that some of their products are vulnerable to an updated version of Trickbot malware that features a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities.
Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
An aviation IT company that says it serves 90% of the world's airlines has been breached in what appears to be a coordinated supply chain attack. Customers of at least four companies - Malaysia Airlines, Singapore Airlines, Finnair Airlines and Air New Zealand - may have been affected by the incident.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
The Senate Intelligence Committee hearing on the SolarWinds supply chain attack exposed the crucial flaw that allowed attackers, likely Russian, to gain entry into the company's system. Brad Beutlich of Entrust discusses how SolarWinds did not protect its encryption keys, which allowed them to be stolen and used by...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.