The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Microservices architecture seems to have become de rigueur for a “modern” systems design. But what are the advantages, and disadvantages of microservices in practice, and where are they headed over the next few years?
Download this eBook and learn:
Why microservices are being used to re-architect existing...
Cloud migration is a top strategic priority for many banks, insurers and telecoms providers. Following the lead of FinTech firms, almost all have this journey on their radar, but the benefits are yet to be captured.
Download this eBook and learn:
Why ad hoc analysis leads to difficult cloud migrations;
Can the essential activities of application refactoring be significantly accelerated by applying software intelligence?
Download this guide and learn about:
The five approaches to application modernization;
The most common Analysis and Action motions used during application refactoring;
Accelerating the common...
Agile techniques, open-source component reuse, scripting languages and cloud platforms have all made developers more productive. Yet, developer productivity is still a problem that plagues engineering management.
Download this guide and learn:
Why developers spend more than half their productive time understanding...
Some security experts are questioning whether Experian is doing enough to ensure security after a researcher discovered that an API the credit reporting firm uses to allow lenders to check the credit score of prospective borrowers could expose customer's scores.
Apple has patched a zero-day flaw in macOS 11.3 that attackers have been exploiting since at least January to install advertising software on victims' systems. The flaw enables a malicious script to be deployed that bypasses Notarization, Gatekeeper and File Quarantine security defenses.
Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.
Dan Kaminsky, a renowned security researcher, died last week at age 42. He gained cybersecurity fame in 2008 after discovering and helping to coordinate a patch for a massive security flaw in the internet's Domain Name System.
The FBI and CISA are warning of continued cyberthreats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration formally accused of carrying out the SolarWinds supply chain attack. A joint alert describes how Russian attackers are targeting vulnerable networks.