While the cybersecurity industry has increasingly focused on the roles artificial intelligence and machine learning can play in thwarting attacks, the humans behind the algorithms remain both points of strength and weakness, says RSA President Rohit Ghai, who keynoted the RSA 2020 conference on Tuesday.
Granicus, one of the largest IT service providers for U.S. federal and local government agencies, acknowledges that it left a massive Elasticsearch database exposed to the internet for at least five months, but it says the risks involved were low.
Mobile banking customers are being targeted by yet another SMS phishing campaign, according to new research from IBM X-Force. This time, however, in addition to trying to steal usernames and credentials, the attackers are also attempting to install Emotet malware.
The U.S. Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin in April, according to a new report from the Government Accountability Office.
A newly identified hacking group has been targeting gambling companies in Asia, the Middle East and Europe, using backdoors to steal source code and other data, according to new research from security firm Trend Micro.
With the rise of automation, remote access, and the ever-expanding Internet of Things (IoT), IT and OT teams are collaborating at an unprecedented rate to strengthen organizational network security. Business operations that rely on machinery and physical processes are no longer disconnected from the world.
Hacking incidents involving email appear to be the most common type of major health data breach being reported to federal regulators so far in 2020. But the largest breach added to the tally involved a type of incident rarely seen in recent years: the theft of an unencrypted laptop.
An unsecured database belonging to a French technology firm that supplies video and digital equipment to plastic surgery and dermatology clinics exposed content on 900,000 patients, according to a report from two independent security researchers.
You already have some sort of third party security program in place - perhaps you've built a security questionnaire based on internal policies or an industry standard such as ISO or NIST. You may have even "right-sized" your questionnaire specifically for different types of supplier relationships and developed a few...
Hundreds of pediatric healthcare providers in Massachusetts were still unable to access their electronic health record systems Thursday after a malware attack earlier this week on a large physician network affiliated with Boston Children's Hospital. What can others learn from the incident?
As the U.S. ramps up pressure on its allies to ban equipment from Chinese manufacturer Huawei from their 5G networks, U.S. officials now say they have evidence that the firm has created a backdoor that allows it to access mobile phone networks around the world, the Wall Street Journal reports.
Intelligence agencies in the United States and West Germany secretly owned a controlling stake in Swiss firm Crypto AG for decades and used their access to the company's encrypted communications equipment to spy on over 100 countries, including friends and foes alike, according to news reports.
An unsecured, internet-facing database belonging to cosmetic giant Estee Lauder exposed over 440 million company records, including email addresses and IT logs, a researcher discovered. What can be done to prevent such mishaps?