Access control

New Intel firmware boot verification bypass enables low-level backdoors

By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.

Public SAP exploits could enable attacks against thousands of companies

A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances. Here's what companies using SAP should do.

What is "reasonable security"? And how to meet the requirement

Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.

Here’s how one company is simplifying secure access in the age of hybrid

With enterprises moving towards hybrid ecosystems, security leaders need to strike the right balance between user experience and the zero-trust approach.

Data protection: The role of AI, analytics and the new CDO

As data protection takes center stage in the enterprise, companies will require a chief data protection officer (CDpO) instead of a chief digital officer (CDO).

Cisco RV320 and RV325 online management interface remains open to attacks

Cisco customers using Small Business RV320 and RV325 who updated the online management interface for the dual gigabit WAN VPN routers in January will need to update it again.

Cisco warns of two security patches that don’t work, issues 17 new ones for IOS flaws

Cisco is issuing 17 new fixes for security problems with IOS and IOS/XE software that runs most of its routers and switches, while it has no patch yet to replace flawed patches to RV320 and RV 325 routers.

Can blockchain be the antidote to ransomware?

The technological know-how (of blockchain) that ransomware hackers exploit could also help fight against such attacks.   

Former TransUnion CIBIL security leader Shiju Rawther joins India Infoline

The former head of IT infra and security operations at TransUnion CIBIL, Shiju Rawther has now joined financial services major, India Infoline as Executive VP-IT.

Partner Content
Understanding Key Management Policy – Part 1

While front line defense mechanisms like firewalls, anti-theft, anti-spyware, etc. definitely act as a strong deterrent against cyber attacks, they are rendered useless when a hacker gains inside entry by exploiting their vulnerabilities to bypass them.

VMware firewall takes aim at defending apps in data center, cloud

VMware says its new Service-defined Firewall has gains deep visibility into the hosts and services that generate network traffic via company’s existing NSX network management software, its vSphere hypervisors and AppDefense threat detection system.

What is shadow IoT? How to mitigate the risk

When someone in your organization starts using internet-connected devices without IT’s knowledge, that’s shadow IoT. Here's what you need to know about its growing risk.