Internal users, external collaborators and third-party apps are dramatically increasing the threat surface for new cloud cyberattacks.
The PCI Security Standards Council published PCI Data Security Standard 3.1 and supporting guidance.
A remote attacker can exploit these vulnerabilities without a username or password to gain access or control of a target application and compromise sensitive data.
Kaspersky Lab has recorded a rare and unusual example of one cybercriminal attacking another.
A new technique for exploiting an 18-year-old bug in Windows SMB, which would allow attackers to intercept user credentials, has been uncovered.
IT security tops the list of skills that teams need most, and one out of five reported having difficulty finding skilled talent for cloud initiatives. Companies are also looking for pros who have skills in network engineering, systems engineering, IT architecture and network operations.
The PCI Security Standards Council published PCI Data Security Standard (PCI DSS) Version 3.1 and supporting guidance. The revision includes minor updates and clarifications, and addresses vulnerabilities within the SSL encryption protocol that can put payment data at risk.
According to MIT, Harvard, and HackerOne researchers, the answer is not throwing more money at bug hunters, but incentivize them to find the the same vulnerabilities that the offense researchers have found.
Verizon has published its 2015 Data Breach Investigations Report.
92 percent of healthcare IT decision makers reported that their organizations are either somewhat or more vulnerable to insider threats, and 49 percent felt very or extremely vulnerable.