Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
As CSO of CDK Global LLC, Craig Goodwin has been part of the rollout of a new API platform that he believes will revolutionize automotive purchasing. Goodwin offers his perspective on security's role in application DevOps.
But can we ever truly be password-free? What does this mean from a technological and security standpoint? How will this impact the digital identity trust we try to establish with our customers?
Mirai, the powerful malware that unleashed unprecedented distributed denial-of-service attacks in 2016, has never gone away. And now a new version has been equipped with fresh exploits that suggest its operators want to harness the network bandwidth offered by big businesses.
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
F5 Networks is a vendor of application security solutions, but its DevSecOps professionals also have the need for actionable threat intelligence, says Preston Hogue, who discusses the advent of new solutions.
Organizations may have great cybersecurity intentions, but translating those desires into a robust security reality is often challenging, says Ratinder Ahuja, CEO of ShieldX Networks. That's why he advocates automation to ensure intention equals reality.
Machine learning systems adapt their behavior on the basis of a feedback loop, so they can overlearn and develop blind spots, which if not understood by practitioners can lead to dangerous situations, says Sam Curry of Cybereason.
"Security by design" is at an inflection point as a result of advances in automation, orchestration, artificial intelligence and machine learning, says Lee Waskevich of ePlus Technology.
Getting a telemetry stream back from applications can help organizations to "adjust much more quickly to see how practical attacks are happening on the endpoint and then go to mitigate," says Aaron Lint of Arxan.
Greg Jensen of Oracle Security discusses highlights of the Cloud Threat Report, prepared in partnership with KPMG, and why shared responsibility is now a primary focus.
More than half of 250 anti-virus applications available in Google's Play Store offer insufficient protection against malicious software, according to a new study by testing firm AV Comparatives. One clear takeaway for all Android anti-virus users: Select products carefully.
CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.
In the latest stop in this roundtable dinner series, ISMG and Zscaler visited Seattle on Feb. 26 to discuss security's role as a catalyst for digital transformation. It was a diverse crowd - and a mature conversation, says Bil Harmer, Americas CISO with Zscaler.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.