Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Days of accusations that the longtime head of the German government agency responsible for securing the government from cyberthreats has ties to Russia ended with his dismissal. Arne Schönbohm "damaged ... public confidence," said a spokesperson for the Ministry of the Interior.
In the wake of former Uber CSO Joe Sullivan being found guilty of a criminal data breach cover-up, legal experts say CISOs shouldn't be running scare, but should ensure they have well-defined incident response playbooks and remember to always clearly document what they're doing and why.
A study by data privacy firm Lokker found thousands of healthcare providers deploying Facebook Pixel and other similar tracking tools. Those trackers reveal "medical and other data that consumers don't know is being tracked and haven't authorized," says Ian Cohen, Lokker's chief executive officer.
A new round of Pegasus infections among journalists and a human rights activist is sending shock waves into Mexican politics as the attorney general's office says it is investigating the previous presidential administration's purchase of the smartphone spy app.
In the latest "Proof of Concept," Lisa Sotto of Hunton Andrews Kurth LLP and former CISO David Pollino join ISMG editors discuss the first California consumer protection fine issued against retailer Sephora, defending against new ransomware tactics, and mitigating the impact of Zelle scams.
Plan for a ransomware attack the same way you plan for a hurricane, says Paige Peterson Sconzo, director of healthcare services at security firm Redacted Inc. A cyber incident capable of disrupting network connectivity requires careful thinking about how to revert to the pre-internet era.
Perennial leaders ForgeRock, Ping Identity and IBM, along with a surging Okta, set themselves apart from the pack of CIAM vendors in the latest report by KuppingerCole analysts. Ping Identity leapfrogged ForgeRock to capture the gold in product leadership, and IBM once again took the bronze.
Probe deep enough into a once-obscure subsystem in the Windows operating system called the Common Log File System and you might come out the other end with system privileges. Researchers on Zscaler’s ThreatLabz research team say the root cause of a recent CLFS zero-day resides in base file metadata.
The threats come at a scale that no enterprise has seen before, and it is harder to recruit and retain staff to detect and respond. Yet, how can business leaders determine if an MSP is capable of adapting as their organization's security needs change? WatchGuard's Corey Nachreiner shares advice.
In the latest weekly update, ISMG editors discuss the trending themes from the 2022 ISMG Southeast Summit, plans by cryptocurrency exchange Binance to implement security measures to shore up cross-chain vulnerabilities, and the viability of a proposed data flow agreement between the U.S. and Europe.
The Biden administration will put more critical infrastructure sectors, such as water, under mandates to ensure minimal cybersecurity standards. The White House is also ramping up interest in consumer cybersecurity by initiating a labeling program for the internet of things.
Earlier this year, Sri Lanka became the first South Asian country to pass privacy legislation, which will go into effect in 2023. ISMG talked to several privacy experts about the highlights of Sri Lanka's Data Protection Act and what companies are doing to comply with the new regulations.
Immersive Labs completed a funding round just weeks after laying off 10% of its workforce to cover more developer languages and safeguard Azure and Google Cloud. The Ten Eleven Ventures-led funding will help Immersive Labs expand its coverage from frontline cybersecurity staff to development teams.
One zero-day down but two Microsoft Exchange zero-days to go in this month's dose of patches from the Redmond, Washington computing giant. Microsoft fixed a COM+ flaw being exploited in the wild but for now is relying on workarounds for two known email server bugs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.
