Application security, Security
November 15, 2022
Via: Dark ReadingNeosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, […]
October 5, 2022
Via: The Hacker NewsU.S. cybersecurity and intelligence agencies on Tuesday disclosed that multiple nation-state hacking groups potentially targeted a “Defense Industrial Base (DIB) Sector organization’s enterprise network” as part of a cyber espionage campaign. “[Advanced persistent threat] actors used an open-source toolkit called […]
September 15, 2022
Via: Dark ReadingSeveral recent high-profile instances of data loss serve as cautionary tales for organizations handling sensitive data — including a recent case where the personal data of nearly half a million Japanese citizens was put in a compromising position when the […]
September 9, 2022
Via: Help Net SecurityA Netwrix survey revealed that 47% of educational institutions suffered a cyberattack on their cloud infrastructure within the last 12 months. For 27% of them, incidents in the cloud were associated with unplanned expenses to fix security gaps. “Educational institutions […]
Application security, Security
September 6, 2022
Via: CSO OnlineIn-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy […]
Threats & Malware, Vulnerabilities
August 10, 2021
Via: Security WeekWhile the misconfiguration has been known since at least last year and Salesforce has taken steps to prevent incidents, data security company Varonis says it’s still seeing many affected organizations. Varonis believes thousands of companies could still be vulnerable. Salesforce […]
October 20, 2020
Via: CSO OnlineFailing to report sensitive data breaches to US regulatory and law enforcement agencies just got more dangerous and confusing for CISOs and their organizations. If that failure is seen as a coverup, such as paying ransoms for retrieving sensitive data, […]
Threats & Malware, Vulnerabilities
June 12, 2020
Via: WiredFOR THE PAST two years, modern CPUs—particularly those made by Intel—have been under siege by an unending series of attacks that make it possible for highly skilled attackers to pluck passwords, encryption keys, and other secrets out of silicon-resident memory. […]
Data loss, Network security, Threats & Malware, Vulnerabilities
April 30, 2019
Via: Hot for SecuritySelling your old hard drive on eBay may sound like a good way to squeeze a few extra bucks from unused hardware, but not if you don’t erase the data properly. A combined team of data recovery experts from Blanco […]
July 31, 2017
Via: Security IntelligenceSecurity is the primary focus of any government agency. One of the most obvious pitfalls of these agencies moving highly sensitive data to the cloud is that they surrender control to a third party. Moreover, nothing on the internet is truly secure, […]
February 27, 2017
Via: Threat PostThe Cloudflare content delivery network for months has been leaking customer data, everything from private messages to encryption keys and credentials belonging to users of some of the Internet’s biggest properties. The vulnerability has been addressed, Cloudflare CTO John Graham-Cumming […]
January 27, 2017
Via: Radware BlogDDoS attacks can be costly and risky. TierPoint is witnessing a growing trend of using such attacks as the means to another, potentially more devastating, end: stealing sensitive data. Call this new breed of attack the “DDDoS”—deceptive distributed denial-of-service. With […]
June 30, 2016
Via: Help Net SecurityE-commerce sites are reselling used electronics without permanently erasing data from them. Based on an analysis of 200 second-hand hard disk drives and solid state drives purchased from eBay and Craigslist in the first quarter of 2016, Blancco Technology Group […]
May 26, 2016
Via: Help Net SecurityData Loss Prevention has evolved beautifully in the last few years. The measure of control that DLP now provides is extremely powerful, and helps organizations from all sectors and of all sizes minimize the risk of data theft and loss, […]
March 21, 2016
Via: Security IntelligenceMajor League Baseball’s spring training will wrap up in a matter of weeks, and baseball stadiums everywhere are getting ready for opening day — you might even be able to smell the peanuts already. But when it comes to your […]
February 19, 2016
Via: TrendMicro BlogBy now, ransomware isn’t anything new – these attacks have been capturing headlines for several years, particularly when high-profile targets including enterprises or law enforcement agencies are victims. However, a ransomware infection poses a unique set of challenges when it takes place […]
January 14, 2016
Via: CSO OnlineI prefer the use of shoulder surfing over visual hacking, however it is a highly critical issue for security practitioners. First, lets examine the straightforward claim of teamwork and collaboration. The column assumes that everyone inside a company is entitled […]
December 3, 2015
Via: CSO OnlineDistributed denial-of-service attacks have increased in complexity so that they are no longer just an annoyance causing a disruption in service. Criminals are using these attacks as a distraction while targeting sensitive data, leaving enterprises to pay for lost business […]
December 2, 2015
Via: Help Net SecurityWhen it comes to migrating to the cloud, 65% of companies are concerned with security and 40% worry about their loss of physical control over data in the cloud. In particular, 69% of companies are afraid that migration to the […]
Access control, Editorial, Security
August 12, 2015
Via: Russel EdwardsThe air gap or air wall technique implies isolating one or more computers from unsecured networks. It can be implemented physically or theoretically, in the second case the isolation being realized only at a cryptographic level. Used in order to […]