Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A former congressional staffer has pleaded guilty to five federal offenses that stem from illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination. [Read More]
Two companies exposed more than 540 million records containing information on Facebook users and their activities via unprotected AWS S3 buckets. [Read More]
Georgia Tech says someone gained unauthorized access to a database storing the details of 1.3 million people. The breach occurred in December 2018, but it was only discovered in late March. [Read More]
The details of up to 3.1 million Toyota customers in Japan may have been stolen as a result of a security breach at a sales subsidiary. This is the second incident reported by the carmaker in recent weeks. [Read More]
Harold T. Martin III, a former NSA contractor accused of stealing classified documents from the agency’s headquarters, pleaded guilty to willful retention of national defense information. [Read More]
A second critical crypto vulnerability that can be exploited to hide vote manipulation has been discovered in the Swiss e-voting system. [Read More]
The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and theft. [Read More]
D.C. Attorney General Karl A. Racine introduces the Security Breach Protection Amendment Act of 2019, a bill that aims to expand breach laws and enhance data security. [Read More]
Security researchers found that SoftNAS Cloud Enterprise customers with openly exposed SoftNAS StorageCenter ports directly to the internet are vulnerable to an authenticated bypass. [Read More]
Norwegian metals and energy giant Norsk Hydro is working on restoring systems after being hit by ransomware, but the company says it does not plan on paying the hackers. [Read More]
- 1 of 101
- ››
FEATURES, INSIGHTS // Data Protection
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?
When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms?
- 1 of 15
- ››
SecurityWeek Daily Briefing
- State-Sponsored Hackers Use Sophisticated DNS Hijacking in Ongoing Attacks
- Respect Is Key for Retaining Top Security Talent
- Russian Hackers Use RATs to Target Financial Entities
- Symfony, jQuery Vulnerabilities Patched in Drupal
- Network DoS Attack on PLCs Can Disrupt Physical Processes
- Cisco Patches Critical Flaw in ASR 9000 Routers
- Mysterious Operative Haunted Kaspersky Critics
- Bad Bots Steal Accounts, Content and Skew the Web Ecosystem
- Fortinet Settles Whistleblower Case for $545,000
- Russian Hackers Scrambled to Erase Digital Footprints After Triton Attribution Report
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy