IT security provider Symantec says it identified multiple publisher identifications on the Android Market that are being used to push out Android.Counterclank, which it characterizes as a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.
Risk assessments are over. Now it's time for institutions to prove they conform to the FFIEC's Authentication Guidance. Fraud expert George Tubin offers tips to prepare for the first regulatory exam.
With the surge in use of tablets, smart phones and other mobile devices, it's good to see some privacy and security best practice guidance is in the works.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.
"Accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill," NIST Computer Scientist Tim Grance says.
IT security leaders rely on penetration testing to determine whether applications are secure. But penetration tests can't be a primary source of assurance, says Jeff Williams, co-founder of OWASP.
Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Steven VanRoekel says the mobile revolution will fundamentally change the way the federal government serves the public and its employees. But in outlining the Federal Mobile Strategy, the federal CIO hardly mentions security and privacy.
Researchers say the Ramnit worm, which has defeated two-factor authentication measures used to protect bank online accounts, is now targeting the popular social media site Facebook.
Complexity is among the most significant information risk challenges IT security practitioners face. Mobile and cloud computing, new technologies, outsourcing and growing threats from malware and people make managing risk more complex.
As organizations move to the continuous monitoring of their IT systems to assure they're secure, they rely much more on automated processes. But don't forget the role people play.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
Researchers from Kaspersky Lab say at least two other pieces of malware may have been developed on the same computing platform, perhaps by the same individuals.
Maritime cybersecurity awareness is currently low, to non-existent, says The European Network and Information Security Agency in a recently published report on security challenges in the maritime sector.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.