Tuesday, January 28, 2020

Magecart-related arrests made in Indonesia

Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger...

Remembering Chris Christensen

Last Friday, former IDC analyst, Chris Christensen, passed away. I learned this sad news from my colleague John Grady who worked with Chris for many years. Another colleague, Christina Richmond, also worked with and for Chris at IDC. Christina...

5 ways to cope with the cybersecurity skills shortage (that don’t involve hiring)

As part of the ESG annual IT spending intentions research for 2020, respondents were asked to identify the area where their organizations have a problematic shortage of skills. Cybersecurity topped the list of problematic skills shortage areas, just as...

Closing the security gap in OT/IT convergence

Schneider Electric knows the business value of connecting its 200-plus distribution and production centers and converging them with IT systems. As more and more industrial environments are connected through sensors and actuators to produce data for proactive insights and...

BrandPost: Integrating Smart Systems: From Connected Cars to Security

There is probably no better example of the potential for digital innovation, and the challenges we will need to overcome to get there, than the smart car. Over the past several years, cars have become increasingly sophisticated. Safety systems include...

Insecure configurations expose GE Healthcare devices to attacks

Researchers have found insecure configurations of the remote access and administration features present in several patient monitoring devices and servers made by GE Healthcare that are used in clinics and hospitals around the world. The identified issues involve the...

BrandPost: Security Performance in the Age of Digital Transformation

The twin pillars of digital innovation are scalability and performance. Cloud and SD-WAN provide agility and flexibility for constantly shifting business requirements, enabling organizations to dynamically scale compute, storage, application delivery and other functions to meet the escalating demands...

What is cryptojacking? How to prevent, detect, and recover from it

Cryptojacking definition: Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer, or by...

How the Tour de France secures its broadcast from disruption

Once a rarity, cyber incidents in the sporting industry are becoming common. While sports organizations have large amounts of sensitive, valuable information, the incidents themselves are often tied to the political climate.

How to implement Windows 7, Server 2008 security updates after end-of-life

January 14, 2020 was the official end of the road for public updates for Windows 7, Windows Server 2008 R2 and Windows Server 2008 SP2. The many organizations that continue to use them will need to find a way...

What is a buffer overflow? And how hackers exploit these vulnerabilities

Buffer overflow definition: A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This causes data to...

Tracking Privacy from a Risk Standpoint

One of the lasting impacts of GDPR, the European privacy regulation that went into effect in May of 2018, has been that the security function has gained an awareness of privacy. Privacy now carries with it a risk weight...

What the Brexit Withdrawal Agreement Bill means for data protection and the GDPR

After years of turmoil, it seems the UK finally has a deal that sets out how it will leave the European Union (EU). Prime Minister Boris Johnson’s Withdrawal Agreement Bill shares many similarities with the withdrawal agreement put forward by...

US elections remain vulnerable to attacks, despite security improvements

Days away from the Iowa caucuses, and less than 11 months from the general election, voting and election security continues to be a challenge for the U.S. political system. Threats to a secure election appear to loom as large...

Welcome to Insider Pro

For more than 50 years, IDG has earned the trust of its readers with authoritative coverage of the technology industry. Insider Pro is the natural evolution of the insightful coverage our publications have produced for decades.

Data on the rise: 4 new challenges security must master

You've likely heard that 90% of the world’s data was created over the last two years. This phrase, often quoted, sometimes attributed, is passing through the public consciousness, on its way to becoming trivia. Before it's reduced to a...

How Adobe monitors cloud deployments to control shadow IT

Too little security leads to data breaches, but too much security can wind up with the same result. Employees eager to do their jobs and fettered by what can sometimes seem like unnecessary restrictions on their ability to do...

What is information security? Definition, principles, and jobs

Information security definition: Information security, sometimes abbreviated to infosec, is a set of practices intended to keep data secure from unauthorized access or alterations, both when it's being stored and when it's being transmitted from one machine or physical location...

Why multicloud security is your next big challenge

Companies deploy an average of three to five different cloud services. With an increased emphasis on security and regulatory compliance, the capability to manage these disparate systems is crucial.

What’s ahead for digital identity in 2020?

In 2019, the identity sector began to open its eyes, rubbing the sleep out of them, as the world awoke to the purpose and power of identity.
ZDNet

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
The Register

Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates

We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago. Enigma: More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...

Average Ransomware Payments More Than Doubled in Q4 2019

Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...

One Small Fix Would Curb Stingray Surveillance

The technology needed to limit stingrays is clear—but good luck getting telecoms on board.