A successful cyberattack is undoubtedly one of the most disruptive events an organization can experience. Whether it’s phishing, DDoS, ransomware or SQL injection, the incident often results in major service failures and potentially massive revenue loss, as well as damage to brand reputation and customer trust. As CISO, you are charged not …
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software directly from the computer’s memory, researchers with Independent Security Evaluators (ISE) have found. The findings They tested the 1Password, Dashlane, KeePass and …
Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and food delivery sector. Why do all these new companies use the cloud and what advantages does it give them? Unlike legacy competitors, innovators with new infrastructure can: …
There were 6,515 publicly disclosed data compromise events through December 31, 2018, exposing over 5 billion sensitive records, according to Risk Based Security’s Year End 2018 Data Breach QuickView Report. While the year ended below 2017’s high mark of 6,728 reported breaches, a slow trickle of new breach information continues and may …
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest …
Faced with diminishing returns from ransomware and cryptojacking, cybercriminals are doubling …
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE archives. About the flaw The vulnerability was unearthed by Check Point …
Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many organizations, the 2019 Cloud Threat Report by Oracle and KPMG has shown. The two companies have …
This year’s (ISC)² Secure Summit EMEA will take place in The Hague in April. In order to find out what elements set this event apart from other cybersecurity events, we sat down with Mary-Jo de Leeuw, Director of Cybersecurity Advocacy, …
There is a critical need for companies to adopt comprehensive and secure enterprise communications platforms to prevent shadow IT. It is a phenomenon where employees, to compensate for the lack of a comprehensive suite of communication tools …
There has been a worldwide rise in mobile access for consumers and business users. The expanded reach and quality of mobile broadband has fostered a seemingly insatiable demand for mobile communications, media and a wide range of mobile IoT …
Faced with diminishing returns from ransomware and cryptojacking, cybercriminals are doubling down on alternative methods, such as formjacking, to make money according to Symantec’s Internet Security Threat Report (ISTR), Volume 24. …
A successful cyberattack is undoubtedly one of the most disruptive events an organization can experience. Whether it’s phishing, DDoS, ransomware or SQL injection, the incident often results in major service failures and potentially massive …
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted …
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies worldwide, ICS-CERT warns. All versions of Rockwell Automation’s …
Pulse Secure announced the integration of SDP (Software Defined Perimeter) architecture within its Secure Access platform and the inclusion of Pulse SDP as an add-on within its award-winning Access Suite. By offering a flexible path to SDP, the …
Account Takeover attacks don’t follow conventional attack patterns – they look, act, and feel like legitimate users. Without the right tooling, visibility into your environment, and intimate understanding of your users, defending …
