Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Zero trust-targeted attacks, phishing, vishing, smishing and social engineering are on the rise, targeting individuals and human vulnerabilities. What can companies do to stay ahead? Steve Benton of Anomali shares insights on intelligence-empowered detection and response.
Emails encrypted through Microsoft Office are vulnerable to attacks that can reveal the original content of messages due to shortcomings in the protocol, says WithSecure security researcher Harry Sintonen. Microsoft says it may finally abandon its use of the Electronic Code Book algorithm.
Lloyd's of London says it has fully restored network services and that an investigation uncovered no evidence of a compromise. The insurance and reinsurance marketplace giant took systems offline last week after detecting what it called "suspicious activity."
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Patient portals, electronic prescriptions and some other IT systems are still affected at an undisclosed number of CommonSpirit Health hospitals and clinics in several states more than one week after a cyber incident hit the multistate hospital chain.
The Google-Mandiant marriage will combine Google's security monitoring tools with Mandiant's threat intel and attack surface management solutions, plus new SOAR and file and URL analyzer capabilities, to create an "end-to-end threat intelligence and cybersecurity operations suite."
Telecom giant Singtel is managing multiple data breaches just weeks after Australian subsidiary Optus reported a breach affecting 9.8 million individuals. One of the new breaches is also in Australia. The other stems from a 2021 zero-day vulnerability in file transfer application Accellion FTA.
The steady barrage of acquisition reports around publicly traded digital experience vendor Akamai has intensified in recent weeks. The latest salvo landed Monday when StreetInsider reported that the intelligent edge platform provider held talks with a private equity firm about a potential takeover.
The U.S. Department of Defense uncovered almost 350 vulnerabilities in the department's networks as part of its experimental bug bounty program launched on American Independence Day. The weeklong bug bounty challenge called "Hack U.S." ran from July Fourth to July 11.
The chief executive of Portugal's state-owned airline said she will not negotiate with hackers even as the Ragnar Locker ransomware-as-a-service group posted online the data of 1.5 million customers. "We hope you support us in this ethical attitude," said Christine Ourmières-Widener.
Financial services giant Morgan Stanley will pay a $35 million fine to settle U.S. Securities and Exchange Commission charges that it failed to comply with rules requiring it to safeguard customer data as well as ensure it is disposed of properly.
Uber is fingering adolescent extortion hacking group Lapsus$ for the disruption to its internal systems. A self-proclaimed 18-year-old last week spammed the company with vulgar messages and shared online screenshots of the company's cloud storage and code repositories. The FBI is investigating.
Palo Alto Networks has been in a 19-month dry spell when it comes to major acquisitions, but it looks like that's about to change. Israeli business publication Calcalist reported Monday the firm is closing in on a deal to buy New York-based code risk platform provider Apiiro for around $600 million.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.