US government agencies and private-sector companies have been warned to be on high alert for cyber-attacks by threat actors affiliated with the Chinese Ministry of State Security (MSS). A joint security advisory on the cyber-threat was issued yesterday by the

Passwordless authentication “is an aspiration and not necessarily a destination,” said David Mahdi, senior director analyst at Gartner during the Gartner Security and Risk Virtual Summit. This is because many organizations are still reliant on legacy technology that does not

The impact of the COVID-19 pandemic has led to uncertainly and anxiety in society, but also sweeping changes in the way businesses operate and plan for the future. Speaking during the Gartner Security and Risk Virtual Summit, research VP Roberta

CISA warns that Chinese nation-state actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. These threat actors varying degrees of skills using open-source information to plan and execute cyber operations.

The UK’s National Cyber Security Centre (NCSC) has released a new Vulnerability Reporting Toolkit, designed to help organizations manage vulnerability disclosure in a streamlined, process-driven manner. The government-backed GCHQ unit explained in a blog post yesterday that the new toolkit

Security professionals are still making a poor job of getting business leaders to understand strategies. Speaking during the Gartner Security and Risk Virtual Summit, VP analyst Jeffrey Wheatman claimed security professionals are “fighting a battle with ourselves and our business

Tens of thousands of US veterans have had their personal information illegally accessed in a data breach incident announced on Monday. The US Department of Veterans Affairs (VA) Office of Management revealed that 46,000 veterans had been affected by the

Around 2000 e-commerce stores running the popular Magento software were attacked over the weekend, in the largest recorded campaign of its kind, according to researchers. Sansec’s Threat Research Team warned that the 1904 Magecart attacks it detected targeted e-stores running

Hackers compromised nearly two thousand Magento stores in the largest ever web skimming campaign that targets Magento stores. The previous record of several stores hacked in a day is 962, that attack happened in July last year. The increase in

Thousands of Magento online stores have been hacked over the past few days as part of the largest ever skimming campaign. Security experts from cybersecurity firm Sansec reported that nearly 2,000 Magento online stores have been hacked over the past

Privacy issues have been detected in an official application of the Joe Biden campaign. The Vote Joe app uses relational organizing to allow users to share data about themselves and their contacts with a voter database run by Target Smart,

A large proportion of employees are using their own devices to access data belonging to their company, according to a new study by Trend Micro. Researchers found that 39% of workers use personal smartphones, tablets, and laptops to access corporate

The notion of zero trust in cybersecurity is a misunderstood term, according to Neil MacDonald, VP and distinguished analyst at Gartner. Speaking during the Gartner Security and Risk Virtual Summit, MacDonald noted that extending trust is in fact necessary for

A plea by a blockchain voting company for the US Supreme Court to consider good-faith security researchers a threat to cybersecurity has been opposed by industry leaders. The plea was put forward by the company Voatz in the form of

The top security projects for 2020 and 2021 include focus on the cloud, authentication and risk. Speaking at the Gartner Security and Risk Virtual Summit, Gartner analyst Brian Reed said the initial forecast on projects had changed due to COVID-19,

The COVID-19 pandemic has presented an opportunity to create new security and risk professionals with “endless” opportunities. Those were the words of Jeffrey Wheatman, Gartner VP analyst, speaking in the opening keynote of the Gartner Security and Risk Virtual Summit.