cybersecurity – Page 22

What is a fileless attack? How hackers invade systems without installing software

“We see it every day,” says Steven Lentz, CSO at Samsung Research America. “Something coming through, some exploit type, unknown ransomware. We’ve stopped several things with our defenses, either network-wise or at the end point.” The attacks that Lentz is worried about are fileless attacks, also known as zero-footprint attacks, macro, or non-malware attacks. These […]

What is a fileless attack? How hackers invade systems without installing software Read More »

China’s Quantum Net Advance Offers a Glimpse into the Future of Enterprise Security

Data Center Knowledge

Chinese companies actively productizing quantum key distribution, which pushes communications security to a new level Earlier this month, China’s official news agency Xinhua announced the launch of a secure quantum communications network between Shanghai and Beijing. The 2,000 kilometer (1,243 mile) backbone will be used for military and government communications, but also in commercial areas

China’s Quantum Net Advance Offers a Glimpse into the Future of Enterprise Security Read More »

Is universal end-to-end encrypted email possible (or even desirable)?

CIO Asia, CSO

People expect their email to be private between them and the recipient, but in reality, the contents of your email are exposed during transmission. Full end-to-end encryption would mean that only the receiver of the email can decrypt their messages, but sharing public keys and agreeing on a common encryption standard can be tricky for

Is universal end-to-end encrypted email possible (or even desirable)? Read More »

Ransomware Grows Up, Goes After Data Centers

Data Center Knowledge

Attacks on enterprise infrastructure reach unprecedented scale and ransomware payload Think your data center is safe from ransomware attacks because the attackers only go after careless end users who click on malicious links or attachments? Guess again. One company that got hit recently is South Korean hosting firm Nayana, which was forced to pay about

Ransomware Grows Up, Goes After Data Centers Read More »

VMware Builds Data Center Security into the Virtual Infrastructure

Data Center Knowledge

Anti-malware defenses are struggling to keep up with constant floods of new, fast-evolving attacks but one thing that could help is if the infrastructure itself had security built in. That’s the idea with VMware’s new AppDefense product, which lets companies restrict the types of operations allowed to applications running on virtualized servers. This kind of

VMware Builds Data Center Security into the Virtual Infrastructure Read More »

It’s Time to Replace Your Encryption-Key Spreadsheet

Data Center Knowledge

When a company stores critical data, whether in its own data center or in the cloud, encryption key management is vital to keeping that data secure, and letting the data center or cloud provider control the keys isn’t always an option. Cyberattacks on enterprises are on the rise, but most enterprise IT shops are still

It’s Time to Replace Your Encryption-Key Spreadsheet Read More »

What’s new in ransomware?

CIO Asia, CSO, IT News

In June, South Korean hosting company Internet Nayana, Inc., was hit by a ransomware attack that took down its 153 Linux web servers — home to more than 5,000 customer websites. “I know that negotiations with hackers should not be done,” company CEO Hwang Chilghong said in a statement. “I would not negotiate with a

What’s new in ransomware? Read More »

Are Encrypted Lockboxes for Data Centers Worth the Usability Cost?

Data Center Knowledge

The idea is simple. First, you encrypt all your data and put the key somewhere safe. Then you send the data off to a data center somewhere. When you need the data, you bring it back and decrypt it with your key. The people who run the data center have no way of getting to

Are Encrypted Lockboxes for Data Centers Worth the Usability Cost? Read More »

10 Things Data Center Operators Can Do to Prepare for GDPR

Data Center Knowledge

As we explained in an article earlier this week, the new European General Data Protection Regulation, which goes into effect next May, has wide-reaching implications for data center operators in and outside of Europe. We asked experts what steps they would recommend operators take to prepare. Read full article at Data Center Knowledge.

10 Things Data Center Operators Can Do to Prepare for GDPR Read More »

What Europe’s New Data Protection Law Means for Data Center Operators

Data Center Knowledge

The new European General Data Protection Regulation goes into effect next May and applies to any company, anywhere in the world, that collects sensitive data about European customers or employees. GDPR also comes with onerous breach notification requirements and high penalties for failing to comply, and data center operators may become prime targets for regulators’

What Europe’s New Data Protection Law Means for Data Center Operators Read More »

Quantum Computing Could Make Today’s Encryption Obsolete

Data Center Knowledge, Featured

Researchers at top university and corporate labs around the world are in a furious race to create the first practical, usable quantum computer. Quantum computers — which use quantum bits, or qubits — are capable of running computations impossible for existing technology. It promises to open up new possibilities in areas like medical research, artificial

Quantum Computing Could Make Today’s Encryption Obsolete Read More »

Look beyond job boards to fill cybersecurity jobs

CIO Asia, CSO, IT News

The cybersecurity talent shortage keeps getting worse. According to Cybersecurity Ventures, the cost of cybercrime will double from $3 trillion globally in 2015 to $6 trillion by 2021. Meanwhile, the number of open cybersecurity jobs will increase from 1 million in 2016 to 1.5 million by 2019. Meanwhile, the scale and damage of the attacks

Look beyond job boards to fill cybersecurity jobs Read More »

Is your data being sold on the dark web?

CSO, Featured

Sonatype’s crown jewel is its database of descriptions of over 1.2 million open source packages. “If that is lost, it could be an existential outcome,” said Wayne Jackson, CEO of the Fulton, Maryland-based software supply chain management company. To shut down any such leak quickly, Sonatype monitors the web for any indications that its data

Is your data being sold on the dark web? Read More »

Two years after the OPM data breach: What government agencies must do now

CIO Asia, CSO

The Office of Personnel Management breach in June 2015 was a big wake up call to our federal government, and, in its wake, a number of initiatives were launched to improve the government’s cybersecurity posture. Despite several concrete improvements, progress has stalled in some areas, as demonstrated by a series of assessments conducted since the

Two years after the OPM data breach: What government agencies must do now Read More »

With new dynamic capabilities, will whitelisting finally catch on?

CIO Asia, CSO, IT News

Everybody knows and hates whitelisting. Employees are only allowed to install approved software on their desktops and laptops, so they’re always complaining and asking for exceptions. Management eventually gets fed up with it and stops the experiment. For mobile devices, enterprises have a number of tools at their disposal, including mobile device management. In addition,

With new dynamic capabilities, will whitelisting finally catch on? Read More »