Specops researchers analyzed more than 800 million compromised passwords to determine the popularity of Division 1 Football Bowl Subdivision programs and their team mascots and nicknames appearing on breached passwords lists.
Following the National Defense Authorization Act (NDAA) 2019 Section 889 and the ban of cameras and components made by certain Chinese companies, the Federal Communications Commission (FCC) has proposed a rule to ban products from Chinese electronics companies.
The Cybersecurity and Infrastructure Security Agency (CISA) opened registration for the third annual President’s Cup Cybersecurity Competition.
Instead of disrupting development with gates, organizations can implement a security champions program to build security guardrails into development. Here are five considerations for implementing an effective security champions program.
Any organization handling personally identifiable information through an IVR or contact center must secure its systems and implement proper risk management protocols. If they don’t, they and their customers may well suffer severe financial and reputational damage in the years to come.
FermÃn Serna has been appointed Chief Security Officer (CSO) at Databricks, where he will lead Databricks' network, platform and user security programs, and governance and compliance efforts.
A security vulnerability in popular dating app Bumble enabled attackers to pinpoint other users’ precise location. Using fake Bumble profiles, security researcher Robert Heaton fashioned and executed a ‘trilateration’ attack that determined an imagined victim’s precise location.
A critical security vulnerability in Microsoft’s Azure cloud database platform – Cosmos DB – could have allowed complete remote takeover of accounts, with admin rights to read, write and delete any information to a database instance.
President Biden’s executive order on improving the nation’s cybersecurity will impact device manufacturers—even those that don’t sell to the Federal government.
Current cybersecurity professionals and educators can change the narrative, but only if we take individual responsibility to engage with others and be visible members of our communities. Otherwise, the issue of a lack of diversity in the field won’t address itself.
Risk assessments aren’t being done the right way – and that can lead to multiple problems for businesses. It’s time for a risk assessment redo.
With a strong, well-executed cybersecurity strategy, using these four techniques, SMBs have a better chance at keeping the hackers and attackers out.
Beyond the ransom, victims must shoulder the heavy burden of business interruption, insurance policy consequences, mitigation, potential regulatory fines, third-party crossover harm and reputational damage. Every organization must prepare for this threat. The question is how best to do it. As an added measure, we can turn to an unlikely source for advice on avoiding a ransomware attack – the criminals themselves.
"The Perfect Scorecard: Getting An 'A' in Cybersecurity From Your Board Of Directors" book offers best practices in closing the communications gap between security experts and the board members tasked with the organization's governance and oversight activities.
As detailed in a new Area 1 Security report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly business email compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.
Kubernetes runtime security is a growing concern, according to NeuVector's 2021 EU Container Security Survey.
With the new cybersecurity bill on the horizon, the federal government is taking a pivotal step in making resilient, remote cybersecurity measures more of a reality with a zero trust framework. Here, Security spoke to Bill Wright, Director of Federal Government Affairs at Splunk, for a deeper dive into strategies federal organizations can use to facilitate expedited zero trust adoption.
Zero trust has become the latest buzzword in the security industry. It’s helpful to analyze the model from the attacker’s perspective to identify assumptions or actions that could provide a foothold for cybercriminals.
On a mission to empower a more secure, interconnected world, the National Cyber Security Alliance has partnered with cybersecurity organizations to launch a resource initiative aimed at raising diversity and closing the cybersecurity talent gap.
Organizations should ready a comprehensive ransomware preparedness strategy ahead of time that is adapted depending upon the severity of an attack. Here are four steps leadership should follow in developing a ransomware response strategy.
As infrastructure trends as one of the top national priorities, the IRS leak is an important reminder that we need to prioritize innovation and security in our digital infrastructures.
Sumo Logic research reports that 56% of companies with more than 10,000 employees receive more than 1,000 security alerts every day, and 93% say they cannot address all alerts the same day. Cybercriminals are also aware of alert fatigue and count on IT to ignore many security alerts. So, what can you do?
Software as a service (SaaS) has taken over, and the average enterprise now uses hundreds of unique SaaS applications to accelerate their digital transformation and business velocity. However, while SaaS has fulfilled its growth-enabling potential, most organizations have lost their grip on its consumption and use. IT and security teams can no longer depend on network or endpoint controls to govern application access.
There were 1,767 publicly reported breaches in the first six months of 2021, which exposed a total of 18.8 billion records, according to a new Risk Based Security 2021 Mid Year Data Breach QuickView Report.
As technology grows and advances, potential cyber threats grow with it. While this notion is nothing new, the current speed of innovation makes it more important than ever to consider the implications these developments will have on our cybersecurity capabilities — especially with cybercriminals becoming more sophisticated and more adept at using emerging blind spots to their advantage.
The cybersecurity industry is in the midst of a skills crisis. With a cyberattack occurring approximately every 39 seconds, every business needs a well-trained staff to protect it. How can the void be filled? Artificial intelligence (AI). It’s one of the best hopes for the industry and has the potential to ease the pressures of the security skills shortage.
NSA released the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings,” to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.
As COVID-19 vaccinations continue, companies embrace hybrid work, employees return to the office and the U.S. opens up, violence and physical threats to businesses are occurring at an unsettling, record-high pace, according to a new study commissioned by the Ontic Center for Protective Intelligence.
