Believing that security incidents are imminent and probably unavoidable, enterprises are turning to advanced digital forensics to better understand and identify bad actors, and are open to using deception through technology such as honey pots or seeding fake data to help hunt down cybercriminals later, according to Neustar research. They’re also open to using deceptive tactics, such as deploying honey pots or seeding fake data to help hunt down cybercriminals later.
All about Virtualization and Cloud Security | Recent Articles:
Critical networks are caught in the crossfire of the battle over industrial secrets, tech patents, military operations and financial information. A month after the US Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint security advisory warning that a critical backdoor Trojan was in the wild, comes a new alert.
While hackers are often driven by financial gain through extortion schemes, state-sponsored criminal groups actively targeted the public administration sector for cyberespionage purposes in 2018. 16 percent of breaches occurred in public administration where “cyberespionage is rampant,” while 15 percent affected healthcare companies and 10 percent involved financial companies, Verizon found after analyzing more than 41,000 security incidents and confirmed data breaches in the US.
Could critical infrastructure attacks be making a comeback? Or did these invisible threats never leave in the first place? Extensive research reveals that as many as four threat actors many have been involved in creating Stuxnet, the sophisticated computer worm that demolished Iran’s nuclear infrastructure in 2007. In light of recent discoveries about similarities in malware samples, cyberespionage appears to be a growing threat that can hide for years before its discovered.
Private users are not the only ones excited about IoT technology and gadgets in everyday activity the countless growth opportunities in the area. A number of companies, organizations and even public institutions have turned to connected devices to build more sustainable, automated infrastructures, but device reliability, data security delivery and privacy still must still be addressed.
There’s been a lot of focus lately on the best ways to safeguard corporate networks and fend off targeted attacks, and on total cost of ownership. But CISOs worldwide are struggling with an even worse problem that greatly affects their companies long-term: a widening cybersecurity talent shortage.
HOPLIGHT, a critical backdoor Trojan linked to North Korean APT group Lazarus, has been found in the wild, warn the FBI and the Department of Homeland Security in a new malware analysis report.
While digital transformation and the e-commerce bubble in late '90s have reshaped the way companies do business, increasingly sophisticated cyber-attacks call for immediate and sometimes overly complex defenses. Security tool vendors have been more than willing to provide an ever expanding array of tools and technologies, many with dubious value.
In about two months, two years will have passed since the WannaCry ransomware attack, a large-scale, global security incident that spread through the EternalBlue exploit targeting computers operating on outdated Windows systems. It affected over 300,000 computers that were still using vulnerable software such as Windows Vista and Windows 7, which had already been obsolete for quite a while.
The Facebook data breach of 2018, probably the biggest of the year, illustrates better than any other example that no company, big or small, is immune to hackers. One would expect a company of Facebook’s size to sustain top-tier research and development for cybersecurity, but last year’s breaches prove it’s vulnerable anyway.
In 2018, companies struggled to mitigate large-scale attacks and data breaches, but apparently too little action has been taken to improve defenses in 2019. Businesses are trying to be proactive. They have increased cybersecurity budgets and invested in resources, including in qualified IT staff. So why are they, financial services specifically, still falling for social engineering scams and malware attacks? What hampers efforts to safeguard their networks?
Only three months short of its first year anniversary on May 28, it’s time to take a look at EU’s GDPR by numbers. Enforced to protect European users from unethical and illegal commercial practices, the internet privacy law has so far led to three major fines for privacy infringement.