The recent breakthroughs in analytics, machine learning and AI have changed the way cybersecurity professionals can mitigate risks within the enterprise. There are several things to keep in mind, however, as cybersecurity team begins creating and building out a threat intelligence capability. Here’s how to make threat data relevant, actionable and effective for your organization.
Data Privacy Day is a global effort — taking place annually on January 28th — that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. Here, Security magazine compiled advice, tips and best practices for safeguarding data from many security executives.
Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.
The Sophos Rapid Response team published findings from its investigations into recent ransomware attacks that reveal a failure to keep close tabs on “ghost” account credentials of recently deceased employees can give cybercriminals a discreet foothold to launch an attack.
In spite of the fact that mobile apps live on IoT-enabled devices, collect user data, and continuously loop communication between Internet, cloud services and companies (even when not “in use”), there is a limited view that they are different entities altogether. We see this particularly when it comes to security – or lack-there-of – regarding security standards in place to continuously protect users from detrimental application hacks.
With so many working from home, the cyber hygiene of employee homes has become a more central concern to those overseeing security inside today’s enterprises. The bottom line for every organization is that its attack surface has greatly expanded, altering traditional cybersecurity roles. Security within the enterprise needs to reshape to fit this new reality.
Google has announced that a North Korean government hacking group has targeted members of the cybersecurity community engaging in vulnerability research. The attacks have been spotted by the Google Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups.
The 16th edition of the World Economic Forum’s Global Risks Report analyses the risks from societal fractures—manifested through persistent and emerging risks to human health, rising unemployment, widening digital divides, youth disillusionment, and geopolitical fragmentation. Among the highest impact risks of the next decade, infectious diseases are in the top spot, followed by climate action failure and other environmental risks; as well as weapons of mass destruction, livelihood crises, debt crises and IT infrastructure breakdown, the World Economic Forum says.
The report also ranked cybersecurity failure as a critical threat to the world.
Due to its popularity as an embedded protocol operating in devices across the industrial control systems (ICS) domain, the Claroty Research Team decided to analyze the Open Platform Communications (OPC) for security vulnerabilities and implementation issues. In a blog, they shared some details about a number of vulnerabilities that emerged from their intensive investigation of the protocol.
RSS
