Warnings about U.S. critical infrastructure’s vulnerabilities to a catastrophic cyber attack – a cyber “Pearl Harbor” or “9/11” – began more than 25 years ago. But they have become more insistent and frequent over the past decade.
Former Defense Secretary Leon Panetta warned in a 2012 speech of both a “cyber Pearl Harbor” and a “pre-9/11 moment.”
Although patch management plays a critical role in minimising business risk caused by outdated software in any IT infrastructure, its mere mention can frighten many companies and their IT departments.
This can result in a lack of action, meaning many organisations find themselves with outdated systems, with the number of patches available to fix potential vulnerabilities and exploits becoming increasingly overwhelming.
Whether you are looking to introduce patch management or have an existing policy in place, here are some tips that will help develop a concrete strategy:
A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks.
The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan.
The results are in: We have made zero progress since 2010. This was the year that IDC published results of a survey regarding cloud computing, and it found that security was the biggest barrier toward adoption. This statistic has found its way onto pretty much every presentation about cloud computing since 2010.
For a week in March, Website security firm CloudFlare analyzed the traffic hitting its customers' sites from the anonymous Tor Network.
The results of the study illustrate the double-edged nature of online anonymity. The Tor Network—a peer-to-peer collection of volunteered servers linked together to create an anonymizing Web service—allows people in oppressive countries to surf the Internet, enables activists to communicate freely and helps journalists evade government surveillance.