In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
The latest edition of the ISMG Security Report features an analysis of how ransomware attackers share about their inclinations, motivations and tactics. Also featured: The rise of integrity attacks; dispelling vaccine myths.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.
Rainer Singer of Netskope discusses the Zero Trust Data Protection framework and mitigating the new security vulnerabilities created by the mobile workforce.
Cybersecurity acquisitions continue at an intense pace, with Ivanti, Sophos, Deloitte Risk & Financial Advisory, Cerberus Sentinel and Feedzai all making moves to bolster their security portfolios.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
PayPal plans to hire more than 100 cryptocurrency experts, including those with expertise in compliance and anti-money laundering, as the online payments service expands its digital money transferring service and adds a "super app" wallet.
Italy's privacy regulator has slammed two of the country's biggest online food delivery firms - Deliveroo and Foodinho - with multimillion euro fines for using algorithms that discriminated against some workers. Legal experts say it's a reminder that such algorithms must be demonstrably transparent and fair.
Infection numbers are surging in the southern U.S., states and cities are enacting new mask mandates and the fall flu season looms as the great unknown. Sound familiar? COVID-19 is back with the highly contagious Delta variant. Pandemic expert Regina Phelps discusses what that means for business recovery.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
Researchers at vpnMentor say that B2B marketing company OneMoreLead exposed the data of up to 126 million Americans on a misconfigured Elasticsearch server.
Chinese APT groups compromised networks of telecom providers across Southeast Asia in an effort to harvest customers' sensitive communications, according to Cybereason. As in other Chinese cyberattacks, these APT campaigns exploited flaws in Microsoft Exchange servers.
Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video. The cybersecurity strategist shares insights and analysis from his latest Global Incident Response Threat Report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.