Insurer Chubb Investigating 'Security Incident'

Data Breach Today

Maze Gang Claims Insurer Is a Victim, Emsisoft Reports Switzerland-based global insurance firm Chubb acknowledges that it's investigating a "security incident." Meanwhile, the Maze ransomware gang is claiming Chubb is its latest victim, according to researchers at the security firm Emsisoft

Redefining Security Analytics

Data Breach Today

Chronicle's Anton Chuvakin on How to Fill the Gaps for Analysts There are glaring holes in how enterprises currently tackle security analytics, and by redefining the approach, the analyst's role can be transformed.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Analysis: Securing RDP to Prevent Ransomware Attacks

Data Breach Today

The latest edition of the ISMG Security Report discusses securing RDP to prevent ransomware attacks. Also featured: A look at three likely scenarios for the COVID19 pandemic, and an analysis of why we're still using PINs for certain card payments

The Future of Cloud Security

Data Breach Today

Forcepoint's Homayun Yaqub Previews New Virtual Roundtable Series What are some best practices for moving network security from the datacenter to the cloud? And what are the essentials of Secure Access Service Edge frameworks, and how can they be implemented?

Cloud 168

Kubernetes Security

Schneier on Security

A good first step towards understand the security of this suddenly popular and very complex container orchestration system. Attack matrix for Kubernetes, using the MITRE ATT&CK framework.

Securing the Modern Workplace

Data Breach Today

Now, how do you secure it? David Wagner of Zix on Rising to the Challenges of Cloud Remote workers, connected devices, cloud services and infrastructure - these are the elements of the new workplace. That's the challenge discussed by David Wagner, CEO of Zix

Cloud 178

NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security NTT Security has signed a definitive agreement to acquire WhiteHat Security.

Wendy Nather on Democratizing Security

Data Breach Today

Cisco's Head of Advisory CISOs on How Best to Serve Users In an RSA 2020 conference keynote, Cisco's Wendy Nather spoke of "democratizing security" - thinking differently about the people we serve and secure.

Italian Social Security Website Disrupted

Data Breach Today

News Reports Say Officials Investigating After Thousands Could Not Access Site Italian officials are investigating whether a disruption this week of access to the country's social security website was due to a hacking incident or a network overwhelmed by demand for benefits offered during the COVID-19 pandemic, according to news reports.

Election Campaign Security Revisited

Data Breach Today

CyberDome election security effort, shares an update With the U.S. presidential election now seven months away, how have threats to the campaigns evolved, and what impact might be seen from COVID-19? Brigadier General (retired) Francis X. Taylor, a leader of the U.S.

Case Study: Enhancing Endpoint Security

Data Breach Today

Because it's inevitable that some attackers will get around defenses, Kettering Health Network added an extra layer of endpoint security to help mitigate the risks posed by ransomware and other cyberthreats, says Michael Berry, director of information security.

Zoom's NY Settlement Spells Out Security Moves

Data Breach Today

attorney general's office to provide better security and privacy controls for its video conferencing platform. Meanwhile, Video Conferencing Firm Acquires Start-Up Encryption Company Zoom has reached a settlement with the N.Y.

5G Security

Schneier on Security

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat.

3 Critical Security Conversations

Data Breach Today

Oscar Chavez-Arietta of Sophos on Key Topics The cloud, artificial intelligence and security as a service - these are the three critical conversations that security leaders need to be having with their business counterparts, says Oscar Chavez-Arietta, vice president, Latin America, at Sophos

Work-at-Home: The Impact on Security

Data Breach Today

Survey Sizes Up Increased Risks, New Duties for Security Staff The shift to working at home is opening the door to cybersecurity incidents.

Baking Security Into DevOps

Data Breach Today

Checkmarx's Matt Rose on the Nuances of DevSecOps Many CISOs today prefer the "DevOps" label, because adding "sec" to it suggests it's a whole different process, says Matt Rose of Checkmarx

Telehealth and Coronavirus: Privacy, Security Concerns

Data Breach Today

But these providers need to carefully consider privacy and security issues as they work to quickly offer these services As Services Expand, What Factors Should Organizations Consider?

Multilayered Security Gets Personal

Data Breach Today

First Data's Tim Horton on Why Encryption Is Not Enough to Secure PII When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption.

Boosting Secure Coding Practices

Data Breach Today

Carlos Pero of Zurich Insurance on Gaining Buy-In Carlos Pero, who heads cyber application security at Zurich Insurance, discusses how to get developers to buy in to secure coding practices

2020 Election Security: Sizing Up Preparedness

Data Breach Today

Security Experts Say US Is Better Prepared This Time Around The U.S.

How Telework Is Changing Cloud Security

Data Breach Today

Jim Reavis of the Cloud Security Alliance on Adjusting CISOs' Priorities Because the COVID-19 pandemic had led to more employees working from home, cloud services have become indispensable, but the pressure is on organizations to ensure security, says Jim Reavis, CEO of the Cloud Security Alliance

Cloud 169

Security 101: SQL Injection

Dark Reading

A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat

Zoom Still Addressing Security, Privacy Concerns

Data Breach Today

Governments, Organizations Rethink Use of Teleconference Platform As governments and organizations around the globe rethink their use of the Zoom teleconference platform as a result of ongoing privacy and security concerns, the company is making more system changes and has formed a CISO advisory board.

'Security Incident' Knocks UK's ARCHER Supercomputer Offline

Data Breach Today

Other European Supercomputers Also Affected, Officials Say ARCHER, a British high-performance computing system for academic and theoretical research, has been offline since May 11, when a "security incident" forced the University of Edinburgh to take down the supercomputer.

Analysis: Remote Workplace Security Challenges

Data Breach Today

The latest edition of the ISMG Security Report discusses the cybersecurity challenges posed by the work-at-home shift. Also featured: Tips from NIST on developing remote worker security policies, plus a discussion of the nascent threat of AI meeting assistants

Next Cloud Security Challenge: Containers and Kubernetes

Data Breach Today

Agile Development Calls for New Ways to Secure Cloud Services The increasing use of containers and orchestration tools, such as Kubernetes, are driving demand for new cloud security and application deployment processes, according to research from the according to research from the Cloud Security Alliance presented Monday at the RSA 2020 conference.

Cloud 200

How IoT Changes Security

Data Breach Today

Steve Rog of ForeScout Technologies on Improving Security Hygiene The growth of IoT means traditional methods of security are inadequate, says Steve Rog of ForeScout Technologies, who calls for improvements in security hygiene

IoT 208

Testing Medical Device Security During COVID-19 Crisis

Data Breach Today

As manufacturers - including companies such as automakers that do not typically produce healthcare devices - race to help fill medical equipment shortages during the COVID-19 crisis, steps must be taken to ensure adequate security testing, says Fairuz Rafique of cybersecurity services firm EmberSec

API Security and Hackers: What’s the Need?

Security Affairs

API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. Here are the simple tips for API security, let’s have a look! Call Security Experts.


Security Breach Disrupts Fintech Firm Finastra

Krebs on Security

Finastra , a company that provides a range of technology solutions to banks worldwide, said it was shutting down key systems in response to a security breach discovered Friday morning. “We wish to inform our valued customers that we are investigating a potential security breach.

Lack of Secure Coding Called a National Security Threat

Data Breach Today

The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices

Paper 213

Security Firm Checkmarx Getting New Owner

Data Breach Today

Billion Checkmarx, an Israeli security company that has made its mark in DevOps and application security testing, soon will have a new owner. Deal Values the Company at $1.15

Thermal Imaging as Security Theater

Schneier on Security

Seems like thermal imaging is the security theater technology of today. These features are so tempting that thermal cameras are being installed at an increasing pace.

Teleworking by Healthcare Employees: Security Challenges

Data Breach Today

With increasing demands on healthcare organizations to quickly accommodate a surge of teleworking employees as a result of the COVID-19 pandemic, IT and information security departments need to exercise security vigilance, says former healthcare CIO Drex DeFord

What the Marriott Breach Says About Security

Krebs on Security

Or a previously unknown security flaw gets exploited before it can be patched. They’re reshuffling the organizational chart so that people in charge of security report to the board, the CEO, and/or chief risk officer — anyone but the Chief Technology Officer.

Hacked Law Firm May Have Had Unpatched Pulse Secure VPN

Data Breach Today

REvil Gang Still Threating to Release More Data A recent ransomware attack that targeted a law firm that serves celebrities may have been facilitated by a Pulse Secure VPN server that was not properly patched and mitigated against a well-known vulnerability, some security experts say

Securing Connected Medical Devices

Data Breach Today

Safi Oranski of CyberMDX Says to Secure Them, First You Have to Find Them A major challenge in ensuring medical device security is tracking all of these devices, says Safi Oranski of CyberMDX, who offers a review of other critical issues

Update: Internet Security Threat Report

Data Breach Today

Kevin Haley of Symantec Shares Key Findings Kevin Haley of Symantec shares key findings from the company's latest Internet Security Threat Report

Cloud Protection: How to Secure Server Environments

Data Breach Today

Cloud 211

America Seeks 5G and Supply Chain Security

Data Breach Today

Former US Homeland Security Secretary Michael Chertoff Describes the Next Steps The U.S. is late to the 5G race.