Security News

As COVID-19 spreads across the globe, what challenges are CISOs and other cybersecurity executives dealing with and what things they don't want to be dealing with at the moment? Finally, as the economy takes a hit due to COVID-19 and the widespread "Shelter in place" directives, cybersecurity executives can expect some of the previously allocated cybersecurity budget to be cut and the funds redirected towards measures that will keep the organization afloat.

U.S. Sen. Mark R. Warner this week sent letters to six Internet networking device vendors urging them to ensure that their products remain secure during the COVID-19 social distancing efforts. The coronavirus pandemic has forced many to isolate themselves at home to help stop the virus spread, which resulted in a significant increase in the use of Internet networking devices for remote work, health, and education purposes.

More than half of all healthcare vendors have experienced a data breach that exposed protected health information, and it's a costly problem that points to broken third-party risk assessment processes, according to data released by the Ponemon Institute and Censinet. The report shows that 54 percent of healthcare vendors have experienced at least one data breach of protected health information belonging to patients of the healthcare providers they serve.

They can still upgrade from Windows 7 to Windows 10 for free, but those who continue to use Windows 7 now that support has ended are simply more vulnerable to security risks. In addition to that, the good news is that some browser and many AV manufacturers will continue to offer Windows 7 support.

SecureLink, the leader in vendor privileged access management, released SecureLink for Healthcare to provide hospitals and healthcare organizations a centralized solution for managing privileged access for third-party vendors. It is customized to meet the needs of organizations operating under HIPAA and HITECH regulations and gives network administrators the ability to limit access to specific systems and applications, while providing a full video audit and keystroke logging of sessions.

Four antivirus providers have released patches for an issue that was initially detailed by a researcher more than 10 years ago. Reported by Thierry Zoller in 2009, the bug resides in an attacker's ability to craft compressed archives that, although accessible to a user, cannot be scanned by the antivirus product.

There is a high level of skepticism about claims due to vague product descriptions, ambiguous statistics, limited ability to measure product effectiveness, and a general lack of follow-through by...

Vendors get low marks for customer support and committing to benchmarks.

With the proliferation of SaaS solutions, API integrations and cloud computing, virtually everything in the modern enterprise is connected to untold number of outside entities. In fact, many...

Risk Based Security reported today that VulnDB aggregated 11,092 vulnerabilities with disclosure dates during the first half of 2019, with CVE/NVD falling behind by 4,332 entries, according to...