Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
Microsoft has taken the extraordinary step of issuing patches for its old XP, Windows 2003, Windows 7 and Windows Server 2008 operating systems. The problem is an easy-to-exploit Remote Desktop Services vulnerability that could be turned into a worm.
Every organization has systems that can't be secured well enough - perhaps because they can't be patched in a timely manner, can't provide data for monitoring, or aren't compatible with standard security tools. When unsecurable systems support mission-critical processes or hold valuable data, cyberattackers are adept...
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
The problem: growing adoption of interconnected technologies is stretching capabilities of existing public key infrasructures (PKIs) and driving the need to stand-up new ones.
The challenge here is maintaining a strong root of trust across the enterprise PKI that fulfills the operational demands of more...
In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology.
The lack of standardization is one of the significant challenges when securing OT environments. Customizing and aligning OT security with the business is key, says Uday Deshpande, CISO at Mumbai-based L&T Group.
Protecting the Department of Health and Human Services' systems, data - and program beneficiaries - from evolving cyberthreats is a top challenge for the agency, according to a new report that recommends action items.
The coming end-of-support for Windows Server 2008 leaves IT organizations with few viable options to receive security updates beyond the cut-off date of January 14, 2020. Upgrading will be no small feat as roughly 70% of enterprise Windows applications run on Windows Server 2008 or earlier versions*.
Attend this...
Google is investigating an unorthodox routing of internet traffic that on Monday sent traffic bound for its cloud services instead to internet service providers in Nigeria, Russia and China. Security experts say border gateway protocol is to blame and no easy fix is in sight.
Hackers behind the FASTCash ATM cash-out attack campaign - tied by the U.S. government to North Korea - use Trojan code designed to exploit bank networks running outdated versions of IBM's AIX Unix operating system, Symantec warns.
The journey to modernization has its challenges, including an increase in events that are more difficult to monitor due to a diverse hybrid cloud/legacy infrastructure. Real-time IT monitoring tools lead to earlier detection and fewer critical events that could place an agency's mission at risk.
Download the...
One of the biggest challenges facing IT ops in agencies today is the lack of visibility across the entire infrastructure.
Download this report by Gartner to learn the four-step approach to developing an IT operations monitoring strategy.
As application development teams strive to deploy features and changes into production as quickly as possible, an organization must rapidly adapt to ensure it's security posture is maintained yet doesn't slow down the build-to-deploy pipelines. The power of Kubernetes and Deep Security Smart Check together reduce the...
With so much focus on endpoint security, it's important not to overlook the importance of network-level security controls, says Lawrence Orans, research vice president at Gartner.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.