IT execs face growing pressure to balance security with productivity

Companies are caught between competing interests as remote workers offset digital security needs with work-life balance.

By David Jones • Dec. 14, 2020

NSA calls out Russia-backed exploit of VMware virtual workspace platform

Network administrators in defense and national security were warned to patch systems where bad actors can gain access to data.

By David Jones • Dec. 8, 2020

GE medical imaging devices impacted by critical cyber vulnerability

Dozens of products including CT scanners and MRI machines are susceptible to hackers gaining access to sensitive health data and disrupting operations, according to CyberMDX. GE says there is no risk to patient safety.

By Greg Slabodkin • Dec. 8, 2020

IoT cyber bill clears Congress — what's next for industry players?

Long-awaited legislation is seen as a springboard to widespread adoption of standards across the booming connected-devices industry.

By David Jones • Dec. 3, 2020

Proactive technology upgrades prevent security nightmares, report finds

Successful enterprises stay one step ahead of bad actors, retain talent and get support from top company executives.

By David Jones • Dec. 1, 2020

Sharp rise in IT spending as cyberthreats evolve, Crowdstrike finds

Companies had to evolve as legacy security systems, including firewalls and antivirus software, fell short during the pandemic. 

By David Jones • Nov. 25, 2020

Companies exposed to unnecessary risk from missed patches, report finds

As vendor services become more cloud-based, companies are navigating a minefield of software patches.

By Samantha Schwartz • Nov. 24, 2020

Why does industry say there are air gaps between IT and OT?

Not only is OT connected to the internet now, cyberattacks can trickle through IT environments.

By Samantha Schwartz • Nov. 16, 2020

Voice, SMS not secure enough for multifactor authentication, Microsoft says

SMS and voice are based on publicly switched telephone networks (PSTN) and are the least secure options for MFA, said Microsoft's Alex Weinert.

By David Jones • Nov. 16, 2020

Cisco issues patch to address high-severity Webex vulnerability

The app within the HVD requires patching, Cisco said. A successful exploitation could lead to arbitrary code execution through user privileges.

By Samantha Schwartz • Nov. 5, 2020

Ryuk is challenging traditional 'find a flaw, fix a flaw' strategy

There is no universal solution for ransomware prevention, and even simulated phishing campaigns for employee awareness and deterrence fall short.

By Samantha Schwartz • Nov. 4, 2020

Ransomware 2020: the scale, scope and impact of attacks on business

In an international health crisis ripe with economic volatility, ransomware attacks have remained persistent. The fallout is growing more costly.

By Samantha Schwartz • Oct. 30, 2020

Weakened digital borders, information sharing spotlight vulnerabilities

The COVID-19 pandemic exposed how interconnected global IT systems are. Now, it's on every organization to keep its partners safe from cyberthreats.

By Katie Malone • Oct. 27, 2020

Security experts overlook attacker-favored credential stuffing

With an endless cycle of breaches, hackers have a large pool of exposed credentials to throw at websites, increasing their probability of success. 

By Samantha Schwartz • Sept. 30, 2020

Following scrutiny, Zoom enables end-to-end encryption to all users

Available as technical preview, the feature uses 256-bit AES-GCM encryption, the same encryption used by default in meetings. 

By Samantha Schwartz • Updated Oct. 27, 2020