As a result of shift to a remote workforce, network segmentation is an even more critical step for safeguarding information, says Tom Dolan of Forescout Technologies, who discusses how deployments can also help with meeting regulatory requirements.
An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
Increasingly, organizations are turning to encryption to help solve multiple security issues, whether it's protecting data, managing risk or meeting government regulations. While managing all these encryption keys can be complex, Brad Beutlich of nCiper Security doesn't believe it has to be this way.
Why do so many enterprises remain chained to outdated and vulnerable identity and access management technologies - legacy systems that rely on passwords, eat budgets and kill productivity? Baber Amin of Ping Identity and Ramnath Krishnamurthi of LikeMinds Consulting preview a new virtual roundtable on Modernizing IAM.
Jewelry retailer Claire's says Magecart attackers hits its e-commerce store, hosted on Salesforce Commerce Cloud, and stole an unspecified number of customers' payment card details. Security firm Sansec, which discovered the breach, says Magecart attacks have grown more targeted during lockdown.
Delivery Hero, the online food delivery service, has confirmed a data breach of its Foodora brand. Breached information includes personal details for 727,000 accounts - names, addresses, phone numbers, precise location data and hashed passwords - in 14 countries.
According to Unisys, we are witnessing in real time the long anticipated end of the VPN and firewalls. In a virtual roundtable preview, Jack Koons of Unisys explains the shift to data over infrastructure for cybersecurity.
As digital transformation technologies such as containers and connected devices are changing business models, organizations are finding new ways to secure data with encryption. John Grimm of nCipher Security walks through how the use cases for encryption are keeping up with the times.
The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.
Microsoft's Azure Security Center has detected a new hacking campaign that for the first time specifically targets the Kubeflow platform on Kubernetes and uses XMRig cryptominer to mine for monero across multiple clusters.
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
Cybereason's latest honeypot-derived research reveals that threat actors are increasingly targeting critical infrastructure providers with multistage ransomware attacks. CISO Israel Barak details why these strikes are so prevalent and concerning.
Cybercriminals are continuing to take advantage of unsecured Amazon S3 buckets, with RiskIQ researchers recently finding card skimming code and redirects to a long-running malvertising campaign infecting several websites.