-
5 days ago | 
techtarget.com | Sharon Shea
Check out the latest security news from the Informa TechTarget team. By Sharon Shea, Executive Editor Published: 09 May 2025
Was AI on your RSAC Conference 2025 bingo card?
-
1 week ago | 
techtarget.com | Sharon Shea
Cyberattacks have evolved rapidly as GenAI use has become more widespread. An RSAC Conference 2025 panel shared what they've learned over the past two years.
-
1 month ago | 
techtarget.itmedia.co.jp | Sharon Shea
2019年5月、セキュリティ分野の専門家ブライアン・クレブス氏が、米国の金融保険会社First American Financial Corporationの情報漏えいを報告した。同氏によると、First American Financial CorporationのWebサイトで、約8億8500万件の個人情報が誰でもアクセス可能な状態になっていたという。個人情報には以下の情報があった。 銀行口座情報 社会保障番号 住宅ローン記録 税務関連書類 運転免許証のコピー 流出の原因は、First American Financial CorporationのWebサイト設計の欠陥「不適切な直接オブジェクト参照」(IDOR:Insecure Direct Object Reference)によるものだ。ファイルやデータベースレコードといった「直接オブジェクト」にアクセスするためにはユーザーごとの適切な権限管理が必要だが、それをしないと、あるユーザーが別のユーザーのデータを参照、操作できてしまう。IDORはそうした脆弱(ぜいじゃく)性の一つだ。...
-
1 month ago | 
techtarget.itmedia.co.jp | Sharon Shea
2016年12月、検索大手Yahooは2013年8月のサイバー攻撃で10億件の個人情報が流出したと発表した。しかし、2017年10月に通信大手Verizon CommunicationsがYahooを買収した後の調査によると、実際の被害は30億件に及ぶことが判明した。影響を受けたユーザーアカウントは以下のサービスに関連付けられるものだ。 「Yahoo! Mail」 短文投稿サイト「Tumblr」 画像共有サービス「Flickr」 オンラインスポーツゲームプラットフォーム「Yahoo Fantasy Sports」 「Yahoo! Finance」 流出した個人情報の詳細は、ユーザーの氏名、生年月日、電話番号、パスワード、セキュリティ質問(本人確認のための質問)とその回答、パスワードリセット用のメールアドレスだ。クレジットカード情報や銀行口座情報は漏えいしなかった。インシデント発生時、Yahooは2013年以降変更されていない全てのパスワードを強制的にリセットし、暗号化されていないセキュリティ質問を無効化した。 2.National Public...
-
2 months ago | 
techtarget.com | Sharon Shea
Data breaches don't discriminate -- victims include organizations of all shapes and sizes spanning every industry. Attackers are at the ready with both new and tried-and-true tactics, techniques and procedures to break into networks and steal precious data. From outdated or vulnerable networks to employees clicking phishing emails to misconfigured cloud instances, all organizations would benefit from learning lessons from past data breaches.
-
2 months ago | 
techtarget.com | Gavin J. Wright |Sharon Shea |Ed Burns
A smart city is a municipality that uses information and communication technology to increase operational efficiency, share information with the public, and improve the quality of government services and citizen welfare. While the exact definition varies, the overarching mission of a smart city is to optimize city functions, drive economic growth, and improve the quality of life for its citizens using technology and data analysis.
-
Jan 14, 2025 | 
techtarget.com | Sharon Shea
By Sharon Shea, Executive Editor Pearson Education Published: 14 Jan 2025
Cryptography is one area of information security that is well known but often not well understood.
-
Oct 24, 2024 | 
techtarget.com | Sharon Shea
Malware is one of the greatest security threats enterprises face. Security departments must actively monitor networks to catch and contain malware before it can cause extensive damage. With malware, however, prevention is key. But to prevent an attack, it is critical to first understand what malware is, along with the most common types of malware. Attackers use malware, short for malicious software, to intentionally harm and infect devices and networks.
-
Sep 30, 2024 | 
techtarget.com | Gavin James Wright |Sharon Shea
A microcomputer is a complete computer on a small scale, designed for use by one person at a time. An antiquated term, a microcomputer is now primarily called a personal computer (PC). Common microcomputers today include laptops and desktops. In modern usage, microcomputers are complete computer systems that are smaller than a normal PC, such as single-board computers (SBCs).
-
Aug 28, 2024 | 
techtarget.com | Sharon Shea
Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers. BySharon Shea,Executive EditorPublished: 28 Aug 2024 The information security world has three well-known types of hackers: black hats, white hats and gray hats. These colored-hat descriptions were born as hackers tried to differentiate themselves and separate the good hackers from the bad.
