Because open source components have known vulnerabilities, it's important for companies to invest in the right tools to help developers build the right applications, says Patrick Pitchappa of BNP Paribas banking group.
It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.
For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
The year 2019 saw a marked increase on breach responses services for small-to-midsized businesses. Kristin Judge, CEO of the Cybercrime Support Network, outlines the state of cybersecurity for the midmarket.
The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola. But Canadian construction firm Bird, which was listed as a victim, subsequently disappeared from the list.
MasterCard will acquire security startup RiskRecon for an undisclosed sum, the two companies announced Monday. The deal will allow MasterCard to offer third-party risk assessment to its business customers and consumers.
Ransomware: It's the cybercrime "gift" that won't stop taking. What can organizations do to improve prevention, detection and response in 2020? Ex-FBI leader MK Palmore of Palo Alto Networks shares his insights.
Three member of a cybercriminal gang that used the GozNym malware platform to steal approximately $100 million from victims across the world have been sentenced for their roles in the scam, according to U.S. Justice Department and prosecutors in the country of Georgia.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
What are the key experiences, capacities and skills needed by the next generation of cybersecurity leaders, as they prepare to address enterprise business risk in the next decade? Ex-CISO and current advisor Christopher Hetner shares his vision of the future of cyber leadership.
The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using steganography to hide malicious updates, Sophos Labs reports. New research also shows attackers are exploiting the EternalBlue vulnerability in Windows.