A new nonprofit has launched a free Domain Name System (DNS) service that filters malicious domains linked to botnets, phishing campaigns, and other malicious activity. The new Quad9 DNS service built by IBM Security, Packet Clearing House, and the Global Cyber Alliance, is aimed at consumers and small- to midsized businesses, and doesn't share or [...]
The majority of organizations don't apply metrics to their cybersecurity efforts, and those that do often measure the wrong things. Here’s how to ensure your cybersecurity projects pay off. And even when organizations' information security function does generate and deliver data about the business' security, it typically never gets read. To help security departments align [...]
As the perimeter defenses of an infrastructure continue to fall away, where should security in a cloud environment reside? The cloud delivers distributed infrastructure — compute, storage, and network resources are here to stay with nothing more than an API call. For the new perimeter, the best solution is properly implemented encryption. Encryption allows IT [...]
In the financial services industry, people are used to the three lines of defense for the majority of the risk functions. Generally the first line of defense for management of risk is the business, the second line of defense is a control function, and the third line of defense is internal audit. Increasingly firms are [...]
The malware, designed to provide its operators with full access to the compromised machines, was used in an information gathering operation that focused mainly on ordinary people, though some victims were found to be high profile industrial, research, or diplomatic targets. The malware was abusing the legitimate TeamViewer remote access tool for its nefarious operations, [...]