Security News

John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach...

German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users."...

The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices - disable fingerprint and face unlock to steal device PINs. It does this by using an HTML page trick to acquire access to the Accessibility service and a method to disrupt biometric operations to steal PINs and unlock the device at will.

According to the security policies, established in the organization, only 100 users had legitimate access rights to the file. Only a specialized advanced DCAP system is capable of revealing that a document with confidential content is kept in publicly available storage and that users inside corporate perimeter, who don't have legitimate access rights to the file, access or process it.

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel...

Some of the essential questions security teams ought to be asking themselves include: How do we manage and safeguard aspects like confidentiality, integrity, and availability of data? What strategies can we employ to protect our data against cyber threats and misuse? How do we address the security challenges that emerge with expanding data repositories? How do we differentiate between valuable data and redundant information? Security teams may need to engage in discussions with business units to clarify issues such as how we are applying our data.

The manufacturing industry is embracing digital transformation to fuel efficiency and productivity. This evolution is accompanied by profound and growing cybersecurity challenges.

In this Help Net Security video, Rowland Corr, VP & Head of Government Relations at Enea, discusses the implications of burner phones and the crisis of confidence in network operators as they...

In an audit [PDF] published Tuesday, the OIG found NASA has a "Comprehensive privacy program that includes processes for determining whether information systems collect, store, and transmit PII; publishing System of Records Notices; and providing general privacy training to its workforce." That's a welcome assessment, given NASA employs around 16,000 people and - as with all government agencies - collects PII about them and the contractors, partners, and members of the public it engages.

Passwordless authentication emerges as a calculated response, eliminating the inherent weaknesses of conventional passwords. The average user has an overwhelming 227 accounts that require a password, making it unrealistic to expect anyone not using a password manager to be able to adequately secure and manage their digital lives.