A massive scan of open internet ports confirms long-held assumptions that old, insecure internet protocols never die, and in fact may still thrive, especially in Belgium, says Rapid 7 security research manager Tod Beardsley.
The nature of sophisticated fraud is changing, argues NPCI's Bharat Panchal. He shares experiences from his sector to support this idea, and he shares insights on how this will affect the security practitioner roles.
As insider channels increasingly become the vector through which attackers gain unauthorized access to data, organizations must look at context-aware security to understand user behavior and prevent data leak, says Naveen Gurusiddaiah of Micro Focus.
Days after booting hackers from its network, the Democratic National Committee allowed incident-response firm Crowdstrike to publicly detail its findings. That's a rare - albeit welcome - move for other potential targets.
With rampant password, patch management and data missteps, it can feel like information security déjà vu all over again as security professionals fight so many of the same battles as 10 or 20 years ago, says white hat hacker Cris Thomas, a.k.a. "Space Rogue."
Security leaders discuss advanced persistent threat challenges facing enterprises, providing insights on how to identify and stop targeted attacks. They suggest appropriate mitigation techniques for advanced threat protection.
As cybersecurity demand surges in India, there is a crippling shortage of skilled professionals that the industry has been facing. KPMG's Sundar Ramaswamy suggests increased impetus on automating security roles will alleviate the problem.
For years, organizations have been threatened by DDoS attacks on several fronts, ranging from volumetric attacks to application-level and DNS strikes. Now come ransom-based attacks. Trey Guinn of CloudFlare discusses how to respond to each type of attack.
My initial reaction to Microsoft's announcement that it plans to buy LinkedIn for $26.2 billion in cash: I guess its massive 2012 data breach - and the loss of virtually every user's credentials - didn't hobble the company's long-term prospects.
First the hackers came for our credit cards. Now they're taking control of our TVs. Witness the latest version of FLocker - for "frantic locker" - which is designed to lock Android devices, including smart TVs.
As we prepare to mark the tenth anniversary of the PCI Security Standards Council, it's time to assess the impact PCI-DSS has had on payments security and consider whether it will remain a viable standard 10 years from now. A series of upcoming reports will address these topics.
For its next move since jettisoning storage firm Veritas and becoming a pure-play security vendor, Symantec plans to buy network and cloud security firm Blue Coat from private-equity owners Bain Capital for $4.65 billion, gaining a new CEO in the process.
While many enterprises in the West adhere strictly to data breach notification norms, India remains far behind in reporting such incidents. What are the barriers? Supreme Court Advocate Pavan Duggal offers insights.
Collaboration, information sharing and a need to keep security discussions real and grounded are just some of the themes that were reinforced by speakers and attendees at the ISMG Data Breach and Fraud Prevention Summit in Mumbai.
More than 32.8 million Twitter credentials have been compromised and are being offered for sale on the dark web, claims LeakedSource, a subscription-based breach notification service. But some security experts question whether the credentials are current and authentic.