While software developers are showing signs of high apprehension when it comes to the security of their software, their organizations however have considerable work ahead of them getting developers the tools they need to succeed.
- New remote memory corruption vulnerability in Internet Explorer browsers allows for full takeover of infected systems
- Bitdefender has confirmed exploitation in the wild of CVE-2020-0674 with analysis of 2 distinct executable payloads
- Hypervisor Introspection delivers true zero-day protection by preventing all common memory exploit techniques
Every cyber security executive knows—or should know—that the current demand for skills is much greater than the supply. But a recent study by (ISC)², an international non-profit membership association of certified cyber security professionals, indicates just how mammoth the talent shortage has become.
Any organization with an online footprint is always exposed to DDoS (distributed denial-of-service) attacks, and new data from Imperva shows no industry has more to fear than Games and Gambling.
While most enterprises recognize the critical role that security operation centers (SOC) play in cybersecurity activities, very few are able to perfect a SOC approach that meets their ultimate satisfaction. A new study out on attitudes toward SOC efficacy shows that organizations are spending millions each year to run their SOCs, but that many are unhappy with the ROI from this investment.
Cyber threats lurk behind every corner, in every industry and geography. From run-off-the-mill crooks to sophisticated state-sponsored actors, cybercriminals take every opportunity to exploit weaknesses for quick cash, to exfiltrate data, or to simply disrupt operations, depending on their goal.
A protocol little known by executives outside of the networking world may put the future safety of enterprise IoT at extreme risk if organizations don't take action to secure their connections. New research out last week found that the way that many large organizations are using the Long Range Wide Area Networking (LoRaWAN) protocol is making them susceptible to hacking that could cause civic disruption and even put people at risk.
The US National Security Agency (NSA) has published an important document outlining the main classes of cloud vulnerabilities and the ways an organization can go about addressing them.
IT auditors—the people who conduct examinations of the management controls within an organization’s IT infrastructure to determine if technology assets are secure and to ensure data integrity—have had their hands full lately.
A Canadian insurance company that fell victim to ransomware last year has managed to obtain the decryptor from its aggressors, then went on to freeze their Bitcoin wallet using a clever trick.
Earlier this week, police in Japan launched what was described as a "three day public-private cybersecurity exercise" focusing on the risks faced by teleworkers.
What is security culture? There’s lots of talk about how important security culture is to a security program, but security culture is a nebulous concept to attempt to define — and harder still to measure. It’s also, apparently, difficult to achieve: a survey from the IT governance professional’s organization ISACA found that nine in ten enterprises said they have a gap between the security culture they want to have and the actual culture they have in place.
