CIA Finds It Failed to Secure Its Own Systems

Data Breach Today

IT 217

Cloud Security: Mess It Up and It's on You

Data Breach Today

Jay Heiser of Gartner Says the Cloud Demands New Security Processes, Tools The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges.

IT 195

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Report: CIA Failed to Secure Its Own Systems

Data Breach Today

Senator Wyden Releases 2017 Report That Blames Lack of Security for Leaks An internal CIA report released Tuesday found that the agency's failure to secure its own systems led to the massive 2017 data breach that enabled classified information, including details on 35 CIA hacking tools, to be leaked to WikiLeaks.

IT 183

2020 Security Agenda: Who Owns it?

Data Breach Today

ForeScout's Ellen Sundra on Security Priorities and Challenges It's relatively easy to list an enterprise's cybersecurity priorities for 2020. But who owns them? What are the hurdles to completing these projects? These can be tougher questions to answer, says Ellen Sundra of ForeScout

IT 160

Hacking It as a CISO: Advice for Security Leadership

Dark Reading

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives

Risk 72

Addressing Shadow IT Issues During COVID-19 Crisis

Data Breach Today

Security Experts Offer Risk Mitigation Tips With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved

IT 225

Turn on MFA Before Crooks Do It For You

Krebs on Security

But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control.

IT 253

Signal Is Finally Bringing Its Secure Messaging to the Masses

WIRED Threat Level

The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Security Security / Security News

Autonomous IT: Less Reacting, More Securing

Dark Reading

Keeping data secure requires a range of skills and perfect execution. AI makes that possible

IT 59

Massive cyber attack forced Ruhr University Bochum (RUB) to shut down its IT infrastructure

Security Affairs

Ruhr University Bochum (RUB) shuts down a large portion of its central IT infrastructure between May 6 and May 7, 2020. “Due to considerable technical problems in the IT infrastructure, a large number of systems have not been available since around 8 a.m.

IT 93

European Commission has chosen the Signal app to secure its communications

Security Affairs

The popular cross-platform encrypted messaging service Signal has been chosen by the European Commission for its communications. The European Commission has decided to adopt for its staff the popular cross-platform encrypted messaging service Signal for its communications.

The DoD Isn't Fixing Its Security Problems

Schneier on Security

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them : GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals.

Cyber Defense Magazine – August 2020 has arrived. Enjoy it!

Security Affairs

OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. Enjoy it! appeared first on Security Affairs.

B2C 77

RIP, 'IT Security'

Dark Reading

Information security is vital, of course. But the concept of "IT security" has never made sense

Gartner's Top IT Security Projects for 2019

eSecurity Planet

Which IT security projects deliver the most value and protection from risk? Gartner analysts offer their views

Risk 99

Ill-Defined Career Paths Hamper Growth for IT Security Pros

Dark Reading

Appsec and cloud security skills are the most in demand, and a shortage of staff is wearing on security teams, a new study shows

Cloud 71

Samsung fixes a zero-click issue affecting its phones

Security Affairs

Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014.

IT 100

Security Doesn't Trust IT - and IT Doesn't Trust Security

Dark Reading

How a rocky relationship between IT operations and cybersecurity teams can compound security risks

Secure 2018 US Elections: It's Too Late

Data Breach Today

But here's how the company can get its act together in time for 2020 Facebook's Ex-CSO Says That Ship Has Sailed; Look to 2020 With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebooks's CSO, says there isn't time to properly safeguard this year's elections.

IT 143

Cybersecurity Leadership: The Future Is Now - So, How Will You Secure It?

Data Breach Today

CEOs, CISOs on Identity, Visibility and Defending in the New Threat Landscape Digital transformation may have occurred over a weekend in March, but the effects will be felt - and secured - for years to come.

ISS reveals malware attack impacted parts of the IT environment

Security Affairs

ISS , the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS services include cleaning services, support services, property services, catering services, security services and facility management services.

IT 111

Securing IoT: Is It Feasible?

Data Breach Today

In an interview, Al Pascual of Javelin Strategy & Research, discusses the challenges involved in securing the exploding IoT landscape consumers now own about 870 million IoT devices.

IoT 100

Building a Stronger Security Infrastructure

Data Breach Today

Insights on Protecting Customer Data During the Pandemic As organizations collect more consumer data during the COVID-19 pandemic, how can they protect it?

Microsoft investigates claims that its GitHub account has been hacked

Security Affairs

Microsoft confirmed that it is investigating claims that its GitHub account has been hacked after some of its files were leaked online. Microsoft launched an investigation into the claims that its GitHub account has been hacked.

IT 89

Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident."

AI-Augmented Security: Can Cyberattackers Counter It?

Data Breach Today

XM Cyber's Adi Ashkenazy on the Latest Trends Are cyberattackers working on ways to counter artificial intelligence-augmented security? And will the bad guys ever use AI-driven attacks? Adi Ashkenazy of XM Cyber offers an analysis

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Now it appears Holden’s hunch was dead-on.

IT 193

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own.gov domain. Then you either mail or fax it in. “I never said it was legal, just that it was easy,” the source said.

IT 240

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. Image: Hold Security. Department of Homeland Security U.S. The U.S.

IT 241

Reducing Shadow IT Through Digital Transformation

Rocket Software

All businesses today have a hybrid IT environment. Other IT spending includes mobile, desktop and end-user devices. In many cases, those budgets might be by server domain, so the mainframe budget is separate and independent of the rest of their IT infrastructure.

Juniper Networks addressed many issues in its products

Security Affairs

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. The company published a list of security advisories to inform its customers of the vulnerabilities in its products.

IT 81

GDPR Data Security Checklist in the Age of COVID-19 and the Remote Workforce

Security Affairs

It has imposed online learning and earning, which in turn has open new doors of cybersecurity threats and data breaches. EU General Data Protection Regulation ( GDPR ) regulates the data security implemented by the organizations and companies. Secured Network.

GDPR 113

Cisco addresses multiple issues in its SD-WAN product

Security Affairs

Cisco has addressed a total of five vulnerabilities in its SD-WAN solution, including three high severity flaws. Cisco has addressed five vulnerabilities in its SD-WAN solution, including three high severity flaws. SecurityAffairs – CISCO SD-WAN, cyber security).

IT 87

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [ NYSE:WIT ] is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity.

IT 259

Can I Use the Same Security Tools on My IT and OT?

Dark Reading

You can quit worrying about IT tools in the OT environment

IT 75

New Mac Ransomware Is Even More Sinister Than It Appears

WIRED Threat Level

The malware known as ThiefQuest or EvilQuest also has spyware capabilities that allow it to grab passwords and credit card numbers. Security Security / Cyberattacks and Hacks Security / Security News

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

The City of Durham, North Carolina, was the last victim in order of time of the infamous Ryuk ransomware that infected its systems. The City of Durham, North Carolina was forced to shut down its network after its systems have been infected with the Ryuk Ransomware during the weekend.