Remote work will be a permanent scenario for many organizations, according to the CIO Pandemic Business Impact Survey 2020. This underscores the need for policies that secure remote data access without inhibiting user productivity. “Given the paradigm shift to remote work, companies must protect their IT infrastructure — including networks, application servers, and VPN access points — against distributed denial-of-service attacks comprehensively on all levels and across all platforms,” says Mark Wilczek (@MarcWilczek), COO at…

A defined security culture is helping the financial industry, though the fundamentals should apply to any business. Image: Getty Images/iStockphoto I remember watching a bank being built. After the concrete foundation and ground floor were in place, workers began building a massive concrete and steel box right in the middle of the building’s floor. It finally dawned on me: That was the vault. It seemed impenetrable.  Financial institutions are hypervigilant when it comes to security….

One of the internet’s most popular purveyors of pornography has removed all unverified content from its website. Pornhub said it took the step last week in an effort to combat the rising tide of Child Sexual Abuse Material (CSAM) flooding the internet. Unverified uploaders have been banned from posting new content, and downloads have been eliminated. Currently, only content partners and people within the site’s Model Program can upload content to Pornhub. However, the site…

A survey of gamers worldwide found that gamers deal with bullying and theft of in-game valuables in addition to identity theft. Internet identity theft on a digital tablet with reflection of hackers hand concept for online digital crime American gamers are at a higher risk for identity theft than gamers around the world, according to new research from security firm Kaspersky. Twenty-seven percent of gamers in the US have had their ID stolen compared to…

Nation-state threat actors breached the supply chain of a popular IT management software provider in order to infiltrate government agencies and private companies. Update December 16: The Solution and Identifying Affected Systems sections have been updated to reflect the availability of Hotfix 2 and a new Tenable plugin. Background On December 13, several news outlets, including Reuters, The Washington Post and The Wall Street Journal, reported that multiple U.S. government agencies were the victims of…

A cyber-stalker from Arizona who joined up with a neo-Nazi group to harass and threaten journalists, advocates, and other targets has been sentenced to prison. Johnny Roman Garza admitted to conspiring with other members of the Atomwaffen Division to deliver menacing messages to journalists online and in person, sometimes targeting their homes. The campaign was created to intimidate individuals who had exposed anti-Semitic behavior.  The 21-year-old confessed to affixing a threatening poster to the bedroom window of…

Stretching back for months, the breaches were pulled off by exploiting a vulnerability in network monitoring software from SolarWinds, according to security firm FireEye. Image: Getty Images/iStockphoto Foreign adversaries have launched a series of cyberattacks against key government agencies by exploiting a flaw in software used by many of them. Affecting the networks and email systems of the targeted agencies, the malicious campaign dubbed UNC2452 by security firm FireEye took advantage of a vulnerability in…