The usual advice for major security flaws is to patch as quickly as possible. Now Intel is calling for a full stop due to imperfect patches for a trio of chip security vulnerabilities known as Meltdown and Spectre.
When building a next-generation cybersecurity operations center, or CSOC, organizations must first understand their attack profile and determine the scope of threat monitoring needed, says Jagdeep Singh, CISO at Rakuten India, an e-commerce company.
Leading the latest edition of the ISMG Security Report: Why some organizations with working backups still choose to pay a ransom after suffering a cryptolocking malware attack. Also featured: The U.S. government's push to bolster the private sector's "active defenses."
Jason's Deli is the latest business in the hospitality or retail sector to warn that attackers used malware to steal customers' card details. The restaurant chain says 2 million payment cards were stolen from 164 restaurants during the seven-month breach.
Intel says firmware updates it developed to help protect users against the Meltdown and Spectre vulnerabilities have been causing not just older CPUs but also its newest processors - in both client devices and data center servers - to reboot much more frequently than they should.
BlackBerry mobile devices have become a rare sight. But drivers of Audi, GM and Mercedes vehicles may be using the company's embedded operating system in their cars, and with a new tool called Jarvis, BlackBerry is also making a play to secure the code used to drive autonomous vehicles.
As a longtime investor in companies offering cybersecurity solutions, Alberto Yépez of Trident Capital Cybersecurity is most concerned by a lack of investment in one key area; replacing aged technologies that are supporting critical infrastructure industries, such as power utilities.
The CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence agencies and information security experts have reached similar conclusions, warning that Russia's hybrid warfare campaigns are intensifying.
We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
The cyber espionage group that executed a campaign against the Democratic Party has been gearing up to attack the U.S. Senate, cybersecurity firm Trend Micro warns. Separately, a Senate report demands that the White House do more to prevent the 2018 and 2020 U.S. elections from being disrupted.
The browser is the window to the web. But what's going in the background during that browsing is opaque to most users. A new experiment shows how the computing power of tens of thousands of computers could be unknowingly harnessed to crack passwords, harvest cryptocurrencies or conduct DDoS attacks.
There are roughly 3,000 cybersecurity vendors in the market today, and former FireEye CEO Dave DeWalt says conditions are right for even greater market growth. How does he see the marketplace evolving in 2018?
An attacker who gains physical access to a corporate PC with an Intel chip could exploit the built-in Active Management Technology to backdoor the system in about 30 seconds, unless default AMT credentials have been changed, Finnish security firm F-Secure warns.
In a reversal, chipmaker AMD is now warning that its chips are susceptible to the speculative execution flaws in microprocessors known as Spectre, but not to the Meltdown. Separately, Intel has confirmed that its firmware updates have led to stability problems for older Broadwell and Haswell processors.