New Year, New Account Fraud: Identity Theft May Be Holding Back Your Customer Experience Resolutions

The beginning of a new year is a great time to resolve to improve your customer experience. One of the best places to start is the new account creation process. Financial institutions can spend hundreds, even thousands of dollars per new customer acquisition. Yet too often, potential customers abandon the online account creation process because […]

Intel’s Response to Chip Meltdown Deepens Rift With Microsoft

Intel cautioned against going too far with software techniques to fix the vulnerabilities, implying slowdowns might be the fault of overzealous coders. It praised Google’s fix while withholding any recommendation for Microsoft’s approach. Programováno od Hledejte NEJLEVNĚJI na HEURÉCE

Don’t Leave Your Keys in the Ignition — Safeguard High-Value Data With Privileged Access Management

User access credentials are prime targets for cyberthieves. Phishing and other social engineering attacks are all about obtaining access, and the advice you read about strong passwords and two-factor authentication is all about preventing bad actors from gaining access to your organization’s network. But all user access is not created equal. What attackers really want […]

Apple’s iCloud in China Set to Move to State-Controlled Data Center

In order to comply with a recently enacted Chinese law, Apple will begin migrating China-based iCloud accounts to its new Chinese data center next month. The facility is operated by Guizhou-Cloud BIg Data, which is supervised by Guizhou State government. Programováno od Hledejte NEJLEVNĚJI na HEURÉCE

Identifying Named Pipe Impersonation and Other Malicious Privilege Escalation Techniques

Privilege escalation is one of the key components of any attack that involves penetrating a system. If threat actors have limited access due to a current user’s privilege levels, they will naturally aim to escalate their privileges before expanding the scope of the attack. How can security professionals detect malicious escalation techniques before adversaries get […]

Don’t Get Scared — Get Back in Operation With the Right Incident Response Strategy

Incident response (IR) is a significant challenge because organizations are often shellshocked when faced with a cyberattack. IR teams may have the right skills to react to and resolve security events, but a lack of preparation can exacerbate the problem at hand. To carry our their missions quickly and completely, IR teams need unfettered access […]

New Supercomputer to Extend NOAA’s Weather Predictions by Six Days

The administration says two new Dell systems being added to existing IBM and Cray clusters in Virginia and Florida data centers will boost its compute power by one third and storage by 60 percent, extending its visibility into future weather from 10 to 16 days. Programováno od Hledejte NEJLEVNĚJI na HEURÉCE

Five Epic Fails in Data Security: Do You Know How to Avoid Them?

Data security is on everyone’s mind these days, and for good reason. The number of successful data breaches is growing thanks to the increased attack surfaces created by more complex IT environments, widespread adoption of cloud services and the increasingly sophisticated nature of cybercriminals. One part of this story that has remained consistent over the […]

Six Major Data Breach Trends From 2017

It seems like the moment the security industry collectively comes to grips with the latest publicly disclosed data breach, another bigger and badder security incident surfaces to shake it up, prompting many enterprises to worry if the same could happen to them. Fortunately, by tapping into the overarching themes and patterns of these recent breaches, […]

CPU Vulnerability Can Allow Attackers to Read Privileged Kernel Memory and Leak Data

A hardware vulnerability, discovered independently by researchers from academia and Google, underscores a microprocessor flaw that, if exploited, could allow an attacker to read data from privileged kernel memory. This vulnerability is considered an important flaw for complex infrastructures and cloud deployments and must be addressed to prevent potential future impact. Since this flaw impacts […]

The Enterprise Imperative: Five Tips for Improving Incident Response

On Dec. 13, The Wall Street Journal brought its Pro Cybersecurity Executive Forum to New York, and the response was overwhelming. The sold-out event welcomed a healthy mix of C-suite executives and IT decision-makers who were ready and eager to learn. I recently had a chance to catch up with Christopher Scott, global remediation lead […]

Five New Year’s Resolutions to Help CISOs Improve Enterprise Security in 2018

If you survived 2017 — a year full of data breaches, ransomware, distributed denial-of-service (DDoS) attacks and a multitude of other high-profile security incidents — you deserve a pat on the back. Some of us weathered the storm thanks to our careful preparations, the security controls we deployed, the incident response strategies we practiced and […]

Transform Your Security Strategy to Avoid Digital Roadblocks

If you are a chief information security officer (CISO) in a midsized or large organization, you might be familiar with this problem: The marketing department just launched a campaign and is collecting customer information on an unverified partner system. In addition, another business unit is launching a digital sales channel and has established its own […]