"Zero trust" is arguably the cybersecurity buzzword of 2019, but what exactly is it? Is it a tool? Is it a capability? Is it a philosophical journey with no endpoint? Or is it all of the above? Jack Koons of Unisys explains why "zero trust' is a highly subjective term based on corporate risk appetite.
Video conferencing and collaboration systems are must-have tools for global companies. But new research by Forescout illustrates that elementary security errors in one vendor's system could have allowed attackers to snoop on meetings and view sensitive documents.
A new cyberespionage campaign has targeted hundreds of manufacturing and other industrial firms in South Korea and has spread to other parts of Asia and Europe, CyberX reports. The apparent goal of the campaign is to steal trade secrets and intellectual property as well as credentials.
In this in-depth blog, a long-time cybersecurity specialist who recently joined the staff of Information Security Media Group sizes up evolving ransomware risks and offers a list of 11 critical mitigation steps.
IoT devices are generating duplicate prime numbers while generating RSA keys, putting them at risk of a factoring attack, according to new research, which shows such an attack could be done at scale and at a low computing cost.
To help enhance security, Firefox extension developers will be required to set up their accounts to support two-factor authentication beginning early next year, Mozilla, the open source community that supports the browser, has announced.
Fraud prevention is a perpetual cat-and-mouse game as fraudsters develop new tools and uncover new ways to monetize their activities, says Anthony Cardoza of XTN Cognitive Security, who offers defensive insights.
The gang behind Maze ransomware has begun publicly identifying its victims and listing data that it exfiltrated from systems before leaving them crypto-locked. The intent is clear: By naming and shaming victims, the Maze gang is trying to compel them to pay.
The long-awaited personal data protection bill, which was expected to be cleared by the Indian Parliament this year, has been put on hold yet again following serious concerns raised about recent changes in the proposal. It's been referred to a joint parliamentary committee for further review.
Suspicious code uploaded to VirusTotal points to Ryuk ransomware being used in a crypto-locking malware attack against New Orleans. Mayor LaToya Cantrell has declared a state of emergency and the city is continuing its recovery, noting that no emergency services have been affected.
Encrypted chat and messaging application Keybase has found out what happens when you wrap a cryptocurrency giveaway into your service. In short: Everyone comes out the woodwork to try to get a slice of the pie.
What connected devices are sneaking into the enterprise, and the advent of 5G technology only broadens the potential attack surface. Diana Kelley of Microsoft discusses the growing risks from connected devices and how to approach mitigation in 2020.
How confident are security leaders in their enterprise cybersecurity posture? And in turn, how are business leaders marketing cyber confidence to customers and partners? Alex Pitigoi of Nominet shares insights and analysis from new research.