What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.
Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.
Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps.
The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as backdoors for facilitating state-sponsored surveillance or disrupting critical infrastructure are not limited to America.
Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.
Singapore's Infocomm Media Development Authority has issued a new consultation paper with an aim to instill greater confidence in the use of IoT systems. But some security experts say the report comes up short, with cybersecurity recommendations that are too generic.
Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime. Apple says it compensated the teenager who reported the FaceTime flaw and gave him an extra gift toward his tuition.
Recent data leaks, including the SBI incident that affected millions of customers, have once again stirred up a debate on the role of auditors in cybersecurity. But a bigger issue is the need to invest in appropriate security technologies and implement stronger policies and awareness programs.
Many security professionals are constantly drowning in alerts across a multitude of security tools. When you can't see what is happening on your endpoints, investigating an alert can feel like you're running blindfolded. Often, these professionals don't have the visibility or data to prioritize alerts or make...
With the general election approaching this spring to constitute the 17th Lok Sabha, cybersecurity leaders say India must be prepared to thwart foreign cyberthreats and protect electronic voting machines against hacking by using appropriate security measures.
Despite early indications that India would not use technology from Chinese telecom giant Huawei in its program to build a 5G network, because of security concerns, many security experts now predict the government likely will reverse itself and allow the use of that technology to help hold down costs.
Endpoint detection and response tools and other related security technologies are critical weapons for defending against cyberattacks, says Larry Whiteside, the new CISO at Greenway Health, an electronic health records company.
Japan plans to identity vulnerable internet of things devices the same way hackers do: by trying to log into them. The country wants to gauge its cybersecurity readiness for next year when it hosts the summer Olympics. If vulnerable devices are found, the plan is to notify device owners.
Despite everything you've spent on data-centric security, there still is a security gap that is burgeoning at an alarming rate when it comes to protecting sensitive data. The growing complexity of users outside your organisation, methods of sharing information, and the number of devices data reside on are continually...