Joey Johnson, CISO of Premise Health, a Brentwood, Tennessee-based provider of online healthcare services, outlines a three-pillar security program in which "identity is the central aspect."
To help balance security and user convenience, organizations should offer centralized user access to applications, says Krishnamurthy Rajesh, head of IT and information security at ICRA, an India-based credit rating agency.
At least 38 million records have been leaked by hundreds of online portals that were unwittingly misconfigured by organizations using Power Apps, a Microsoft service to quickly spin up web apps. Microsoft has now changed default settings for Power Apps to prevent inadvertent data exposures.
Microsoft security researchers say the operators of the well-established Mozi IoT botnet have upgraded the malware, enabling it to achieve persistence on network gateways manufactured by Netgear, Huawei and ZTE.
Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.
The U.S. and Singapore have announced three agreements to expand their collaborative efforts - including shoring up information sharing, research and training - to address global cybersecurity issues.
Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. But an "absence of evidence" of a data breach in a ransomware attack isn't sufficient to declare that no data was taken.
The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to the Anomali Threat Research Team.
As ransomware-as-a-service operations continue to compete for affiliates, the operators behind LockBit have unveiled a new version of their crypto-locking malware boasting fresh features, some borrowed from rivals. Separately, a relatively unsophisticated newcomer called Hive has debuted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
The World Bank has launched a cybersecurity fund for low- and middle-income nations to support public sector efforts to conduct cybersecurity maturity assessments, offer technical assistance and support training and staff development.
Researchers at cybersecurity firm ClearSky say an Iranian APT group, dubbed "Siamesekitten," is targeting Israeli companies in a supply chain attack campaign. The attackers are luring victims with fake job offer emails that direct recipients to websites that download malware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.