New research finds nearly half of organizations regularly and knowingly ship vulnerable code despite using application security tools. Among the top reasons cited for pushing vulnerable code were pressure to meet release deadlines (54 percent) and finding vulnerabilities too late in the software development lifecycle (45 percent), according to the Veracode and Enterprise Strategy Group (ESG) research.
SANS Institute, a provider of cybersecurity training and certification services, lost approximately 28,000 items of personally identifiable information (PII) in a data breach that occurred after a single staff member fell victim to a phishing attack.
Regardless of the exact wording of The CMS Interoperability and Patient Access final rule, it’s clear that healthcare executives will be spending considerable time this year thinking about, planning for, and implementing technologies that support healthcare data exchange.
When it comes to PKI, leaders have two options: build it or move it to the cloud. PKI as-a-Service (PKIaaS) platforms are becoming a popular investment choice that provide all the benefits of a privately rooted PKI, but without the cost and complexity of running it in-house. PKIaaS providers can deliver a much more effective, and ultimately more secure, PKI than most enterprises can achieve on their own. Regardless of whether the choice is to build or buy, teams must consider six key requirements to ensure in-house or out-sourced PKI success – and digital identity security.
The U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.
DefenTec began as a managed services provider (MSP) before transitioning into a managed security services provider (MSSP). Now, in addition to optimizing their clients’ data environments through managed services, IT support and consulting, and cloud computing, DefenTec also fortifies them through a full range of managed security services, including secure Wi-Fidesign, network audits, and of course, password management. How does DefenTec use KeeperMSP to further guard their clients from cyberattacks?
COVID-19 has initiated a whole new host of cybersecurity threats. Twitter was one of the latest victims, its employees allegedly being targeted so that hackers should take over the accounts of certain verified users. And just before that, a June 25 story in The New York Times detailed the way in which a foreign entity is attempting to infiltrate American business by taking advantage of remote employees whose organizations – more than 400 million worldwide – use virtual private networks (VPNs).
A new Digital Shadows report focuses on the escrow systems used on cybercriminal forums. These systems are deeply sophisticated, relying not just on similar technological mechanisms as traditional ecommerce, but on social, community oriented mechanisms as well, such as arbitration.