There are many reasons why IT professionals can be fired, but six out of the top nine are related to security. Fireable offenses included failing to modernize a security program, data breaches with unknown causes, data breaches that do not become public, and the failure of a security product or program investment.
Maria Korolov | 19 Jan | Read more
As open source code becomes more prevalent in both commercial and home-grown applications, the number of attacks based on its vulnerabilities will increase by 20 percent this year, predicted Black Duck Software, which collects statistics about open source projects
Maria Korolov | 17 Jan | Read more
Security experts have been pouring over the Joint Analysis Report released two weeks ago by the Department of Homeland Security and the Federal Bureau of Investigation, but there isn't enough detail in the public document to help organizations defend themselves against other Russian attacks.
Maria Korolov | 13 Jan | Read more
Russia and China have the more advanced cyber capabilities and are the highest potential of severe impact, but the US and its allies also pose global security concerns, according to a report released this morning by Flashpoint
Maria Korolov | 12 Jan | Read more
The holidays are a stressful period for online retailers, who get not only more customers but also a higher ratio of fraudsters - and when manual fraud reviews are added to the mix, the problem only gets worse
Maria Korolov | 11 Jan | Read more
Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase.
Maria Korolov | 05 Jan | Read more
The black market value of stolen medical records dropped dramatically this year, and criminals shifted their efforts from stealing data to spreading ransom ware, according to a report released this morning
Maria Korolov | 23 Dec | Read more
Whether quantum computing is 10 years away -- or is already here -- it promises to make current encryption methods obsolete, so enterprises need to start laying the groundwork for new encryption methods.
Maria Korolov | 22 Dec | Read more
A group of Russian cybercriminals is stealing between $3 and $5 million a day by diverting legitimate advertising revenues from over 6,000 brand-name websites such as ESPN, Vogue, Fortune, Fox News and CBS Sports
Maria Korolov | 21 Dec | Read more
The new internet communication protocol, HTTP/2, is now being used by 11 percent of websites -- up from just 2.3 percent a year ago. And while there have been no security problems found in the HTTP/2 protocol itself, there are vulnerabilities in some implementations and the possibility of lower visibility into internet traffic, so it's worth waiting for everything to shake out.
Maria Korolov | 16 Dec | Read more
Machine learning technologies can help companies spot suspicious user behaviors, malicious software, and fraudulent purchases -- but even as the defensive technologies are getting better, attackers are finding ways to get around them
Maria Korolov | 16 Dec | Read more
All it takes is a $20 dangle and some patience, and an attacker can listen into a company's pager communications -- including transcribed voice mail messages and dial-in instructions for conference calls
Maria Korolov | 14 Dec | Read more
According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.
Maria Korolov | 14 Dec | Read more
Last week, Visa, MasterCard and American Expressed delayed the EMV migration deadline for gas stations from October 2017 to October 2020 -- but that doesn't mean that gas stations can now relax their EMV upgrade plans
Maria Korolov | 09 Dec | Read more
Last week's report by the nonpartisan Commission on Enhancing National Cybersecurity recommended training 100,000 new cybersecurity professionals and increasing federal R&D funding for cybersecurity by $4 billion over the next decade -- but that's not enough to address the current shortfall, experts say
Maria Korolov | 08 Dec | Read more