Up to 90% of software security problems are caused by coding errors, which is why secure coding
standards are essential. There are several secure coding practices you can adopt. But, to write truly
secure code, you need a secure coding standard.
Here, we explain what are secure coding standards and how to...
A bipartisan group of senators has sent a letter to Google, Twitter, Verizon, AT&T and online advertising firms and networks raising national security concerns about the selling of citizens' personal data, which could end up in the hands of foreign governments.
Cybersecurity weaknesses persist throughout the U.S. Department of Energy's unclassified networks, including those of the National Nuclear Security Administration, according to an inspector general audit.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
We’ve gone from a remote workforce to “work from anywhere.” How does this create new security challenges regarding the broad and unrestricted accessing of cloud apps? Sasi Murthy of Netskope discusses the path to zero trust data protection.
To deliver a secure infrastructure-as-code service, development teams must adopt a shift left strategy to bring all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.
The revelation that 533 million previously stolen Facebook account records have been made public on a darknet forum should inspire organizations to take aggressive action to further protect customer data security, some security experts say.
For the majority of 2020 the entire world grappled with massive change - in how we lived, how we worked, how we connected. Malicious actors took advantage of our need for news on the pandemic and rushed to set up numerous sites to phish for credentials and drop malware - often mimicking content from the CDC, ECDC,...
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
As more organizations adopt Microsoft 365 Exchange for email services in the cloud, it’s important to consider whether available native tools are sufficient to protect your organization against the full range of email-based threats.
Find the answers in this infographic which highlights how Microsoft 365 Exchange...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued multiple alerts over concerns that the rush to use Microsoft 365 and other cloud productivity platforms as a result of the COVID-19 pandemic may expose organizations to undue risk.
Download this checklist and evaluate your organization’s...
If trust exists on a continuum with no trust at one end and complete trust at the other, where does trust in someone’s identity lie? It’s somewhere in between - pushing closer to no trust, in the interest of security, but not quite yet reaching the “zero trust” ideal on which we’ve fixed our gaze.
Four editors at Information Security Media Group discuss important cybersecurity issues, including dealing with attacks targeting the aging Accellion File Transfer appliance and taking steps to enhance employee authentication.
CISA is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to the unpatched vulnerabilities in on-premises Microsoft Exchange email servers.