Despite a lack of appropriate visibility and control measures in place, cloud-based HR applications are now the most highly used cloud applications across organisations, with 139 such apps being used by organisations on average.
US remains a target as researchers at Forcepoint Labs uncovered possibly the first new PoS malware for two years. Named UDPoS, courtesy of how it relies upon User Datagram Protocol (UDP) DNS traffic for the exfiltration of data.
EU NIS Directive: As the implementation of the first true piece of cyber-security legislation draws near, Jalal Bouhdada discusses its potential impact on 'operators of essential services.
The latest research suggests, within just two years, the security situation for SCADA has got worse to the tune of an average increase of 1.6 vulnerabilities per application tested.
It's rare that CISOs have a horizontal view across their controls to know where to focus their resources for best overall effect which is why Nik Whitfield says agile analytics is a core capability that security teams already require today.
Unlike compliance mandates, the Center for Internet Security's Critical Security Controls enable you to easily see where holes exist in your current security armoury before you engage external expertise says Mark Kedgley
Rory Duncan argues that companies need to invest not only in detective and defensive controls, but also in the ability to take action when an attack is occurring
Updates are available following US Computer Emergency Response Team (CERT) issuing advisory warning of "weakly protected" credentials in Siemens SIMATIC WinCC flexible industrial control system.
Increasing levels of digitisation, but our nuclear infrastructure is still 'insecure by design'
Despite original attackers losing control of Stuxnet malware, it still poses a problem for organisations
In separate developments, a demo hack in Amsterdam shows how to crash a plane, while the US Federal Aviation Administration seeks to improve air cyber-security.
Dr Richard Piggin, in a blog published this week, notes how concerns about the vulnerability of control systems have been vindicated following the issuing of details about an attack on a German steelworks.
Control systems are visible on the internet and under attack from dedicated malware, but vendors are not providing adequate security.
Massive Android botnet discovered, as APWG chairman warns on dangers of jailbroken iPhones.