A global health crisis. A remote workforce. Economic uncertainty. These are key ingredients to fuel the insider threat. Randy Trzeciak of the CERT Insider Threat Center at Carnegie Mellon University offers tips for monitoring risky behavior and creating positive incentives to reduce risk.
TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say. That could be especially damaging in the current pandemic environment, where misinformation and confusion abounds.
Using location data to warn people who have come in contact with those infected with COVID-19 holds promise to stem the deadly pandemic. But with that comes privacy concerns. Cryptologist Vanessa Teague breaks down risks and solutions.
Microsoft issued patches for three zero-day vulnerabilities as part of its most recent Patch Tuesday update. The software giant had previously warned users about two vulnerabilities in the Adobe Type Manager Library that were being exploited in the wild.
The shift to telework due to the global COVID-19 pandemic has raised the risk of exposure to botnets as well as Mirai and Trickbot malware, according to the security firm BitSight.
A month-plus into pandemic response, what have enterprises learned from deploying and securing a nearly fully-remote workforce? Thomas Bieser of Okta shares lessons and the benefits of accessing critical apps and tools via the cloud.
Singapore's open banking effort has expanded the attack surface, and the only effective defense is to enhance threat intelligence sharing among banks, retailers and third parties, says Tom Wills, a Singapore-based cybersecurity practitioner who is a consultant for financial institutions.
In January, hackers reportedly compromised portions of the New York state government's computer network by taking advantage of an unpatched vulnerability in Citrix enterprise software. Although state officials say no data was compromised, the attack reportedly disabled some state agency information systems.
Before the COVID-19 pandemic, venture capitalist Hank Thomas helped launch SCVX, a cybersecurity-focused special purpose acquisition company. Post-pandemic, Thomas sees a bright future in filling what he sees as the market need for a scalable, integrated platform.
An important step in protecting the data of employees as well as patients is conducting audits of third parties that have access to that data, says Unique Kumar, head of digital innovation and cybersecurity at Max Healthcare, a hospital chain based in New Delhi.
In the effort to develop COVID-19 medical insights, some healthcare and technology firms are reportedly partnering to collect coronavirus patient information to assist government and academic researchers. But such efforts are raising significant security and privacy concerns.
The U.K. government says it's prepping a contact-tracing app in an attempt to help contain COVID-19. But a leading cybersecurity expert argues that the proposal amounts to little more than "do-something-itis" and urges a focus, instead, on expanded testing as well as ventilator production.
Dutch police have shut down 15 DDoS booter sites over the course of a week. Meanwhile, they've arrested a 19-year-old in connection with DDoS attacks on two government websites.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.