Threat intelligence is a broad subject and the natural tendency is to produce intelligence on any topic or event regardless of its applicability to the company. True success in threat intelligence depends on focusing intelligence efforts to very specific business objectives, which removes the large surface area and leaves only a challenging sliver of ultra-high value to pursue.
Data is at the core of every business, and data theft is one of the most potent risks enterprises face. According to a 2015 Ponemon Institute study, the average consolidated cost of a data breach is $3.8 million, which includes investigative and forensic efforts, resolution, and the consequences of customer defection.
Data Breaches in 2015 are on pace to break all records. 2014 saw a record 783 breaches with over 85 million records compromised.
Researchers in Singapore have developed a method to sniff the perimeter of an organization for unsecured printers.
Researchers hacked into the operating systems of two Virginia State Police cars to expose cyber vulnerabilities in the department's fleet.
Any users running Jetpack 3.7 or lower are at risk of having their WordPress website being completely taken over.
Owing to a slew of lawsuits filed by banks and credit unions, the expected cost to Home Depot for a cyber intrusion may reach into the billions.
Apple addressed numerous vulnerabilities with the release of OS X El Capitan v10.11, iOS 9.0.2, and Safari 9 this week.
The popular blogging platform WordPress has been under attack the past three weeks with VisitorTracker malware code.
More than a billion Android mobiles are affected by a set of two critical Stagefright vulnerabilities that can be exploited to take complete control of a device.
When it comes to protecting your organization's intellectual property (IP), a single click by an end-user can either lead to data protection or a data breach.
In the wake of the SYNful Knock attack on its routers, Cisco should re-engineer its devices to prevent future attacks, says Raimund Genes.
A security researcher at Google has discovered more zero-day exploits in Kaspersky's anti-virus software.
The Dyreza Trojan has re-emerged and is now targeting the IT supply chain
An arbitrary file upload vulnerability has been discovered in an iOS app that allows an attacker to deliver a malicious package during a file transfer operation.
Researchers presented findings at Derbycon this past weekend that indicated vulnerabilities in thousands of medical systems.
Researchers at Malwarebytes detected another malvertising campaign targeting popular adult sites over the weekend, this time against PornHub and YouPorn.
Customers are doing more and more business online. Nearly 80% of the U.S. population shops online and half bank online. However, websites are constantly under attack. 71% of consumers feel it is up to the online stores to ensure the protection of their information, making website security a top priority for many businesses.
The OpenSSL Project said it has updated its security policy to include a "Critical" severity level.
An injection attack on WordPress sites inserted code into 2,000 WordPress web pages.
Millions of Americans signed on with the Affordable Care Act for health insurance had their personal data put at risk for several months last year due to poor security practices in place at Healthcare.gov a federal audit found.
Every company has a data security risk mitigation strategy. However, the continuous news cycle on data breaches is proof that it is time to augment that strategy.
A recently discovered flaw in iOS 9 could allow a person to view any Apple device's contacts and photos without entering the proper passcode.
Do you still believe you can prevent 100% of intrusion attempts? If not, how do you find attackers once they land in your network?
Mozilla released Firefox 41 on Tuesday, and with it comes patches for 19 security advisories, four of which were deemed "critical."
Security ratings company BitSight Technologies published a rating of the security preparedness of organizations across six industries.
Symantec has discovered that unauthorized HTTP certificates were issued for Google webpages and terminated the employees who were involved in issuing the certificates.
Bug bounty program provider HackerOne released its "Vulnerability Coordination Maturity Model" on Tuesday to help companies assess and handle vulnerabilities in their systems.
Adobe on Monday released security updates across multiple platforms that address vulnerabilities in Flash Player and AIR.
Zerodium is offering up to $3 million for vulnerabilities and a jail break of iOS 9.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users