Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses? Jon Clay of Trend Micro tells how to better spot and stop spear phishing.
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.
To be successful, the quest to mitigate insider threat risks must start at the time employees are hired and continue as they move into different positions requiring varying degrees of data access, says Suzanne Widup of Verizon Enterprise Solutions.
Equifax ex-CEO Richard Smith asserts that a single employee's failure to heed a security alert led to the company failing to install a patch on a critical system, which was subsequently exploited by hackers. But his claim calls into question whether poor patch practices and management failures were the norm.
In response to nation-state attackers targeting its account users, Google reportedly is planning to offer stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
Two dozen federal agencies continue to experience security weaknesses in five critical areas, putting government systems and data at risk, according to a new watchdog agency report. But which agency spends the most on IT security?
A federal criminal case alleges that a former Hewlett-Packard Enterprise Corp. employee shut down Oregon's Medicaid information systems for several hours after he was laid off. Some security experts caution organizations to take steps to minimize risks from workers who are laid off or fired.
A zero-day vulnerability in Apple's built-in password manager can be exploited, allowing attackers to steal all stored credentials in clear-text format, a security researcher warns. The flaw affects the latest version of macOS - High Sierra - plus one or more prior versions.
A former systems administrator who worked at a Pennsylvania clinic group for only about three weeks has been sentenced to 27 months in prison in a case involving wire fraud and hacking computers. The case highlights the importance of managing administrative credentials, especially when employees leave.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.
A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, offers insights on key steps organizations should take to avoid becoming the next breach victim in the headlines.