-
1 week ago | 
techtarget.itmedia.co.jp | Sharon Shea
2019年5月、セキュリティ分野の専門家ブライアン・クレブス氏が、米国の金融保険会社First American Financial Corporationの情報漏えいを報告した。同氏によると、First American Financial CorporationのWebサイトで、約8億8500万件の個人情報が誰でもアクセス可能な状態になっていたという。個人情報には以下の情報があった。 銀行口座情報 社会保障番号 住宅ローン記録 税務関連書類 運転免許証のコピー 流出の原因は、First American Financial CorporationのWebサイト設計の欠陥「不適切な直接オブジェクト参照」(IDOR:Insecure Direct Object Reference)によるものだ。ファイルやデータベースレコードといった「直接オブジェクト」にアクセスするためにはユーザーごとの適切な権限管理が必要だが、それをしないと、あるユーザーが別のユーザーのデータを参照、操作できてしまう。IDORはそうした脆弱(ぜいじゃく)性の一つだ。...
-
1 month ago | 
techtarget.com | Sharon Shea
Data breaches don't discriminate -- victims include organizations of all shapes and sizes spanning every industry. Attackers are at the ready with both new and tried-and-true tactics, techniques and procedures to break into networks and steal precious data. From outdated or vulnerable networks to employees clicking phishing emails to misconfigured cloud instances, all organizations would benefit from learning lessons from past data breaches.
-
1 month ago | 
techtarget.com | Gavin J. Wright |Sharon Shea |Ed Burns
A smart city is a municipality that uses information and communication technology to increase operational efficiency, share information with the public, and improve the quality of government services and citizen welfare. While the exact definition varies, the overarching mission of a smart city is to optimize city functions, drive economic growth, and improve the quality of life for its citizens using technology and data analysis.
-
Jan 14, 2025 | 
techtarget.com | Sharon Shea
By Sharon Shea, Executive Editor Pearson Education Published: 14 Jan 2025
Cryptography is one area of information security that is well known but often not well understood.
-
Oct 24, 2024 | 
techtarget.com | Sharon Shea
Malware is one of the greatest security threats enterprises face. Security departments must actively monitor networks to catch and contain malware before it can cause extensive damage. With malware, however, prevention is key. But to prevent an attack, it is critical to first understand what malware is, along with the most common types of malware. Attackers use malware, short for malicious software, to intentionally harm and infect devices and networks.
-
Sep 30, 2024 | 
techtarget.com | Gavin James Wright |Sharon Shea
A microcomputer is a complete computer on a small scale, designed for use by one person at a time. An antiquated term, a microcomputer is now primarily called a personal computer (PC). Common microcomputers today include laptops and desktops. In modern usage, microcomputers are complete computer systems that are smaller than a normal PC, such as single-board computers (SBCs).
-
Aug 28, 2024 | 
techtarget.com | Sharon Shea
Black, white and gray hats are familiar to security pros, but as the spectrum evolves to include green, blue, red and purple, things get muddled. Brush up on types of hackers. BySharon Shea,Executive EditorPublished: 28 Aug 2024 The information security world has three well-known types of hackers: black hats, white hats and gray hats. These colored-hat descriptions were born as hackers tried to differentiate themselves and separate the good hackers from the bad.
-
Jul 1, 2024 | 
techtarget.com | Sharon Shea
BySharon Shea,Executive Editor What is a click-wrap agreement (click-through agreement)? A click-wrap agreement (click-through agreement) is an online agreement in which the user signifies their acceptance by clicking a button or checking a box that states, "I agree." The purpose of a click-wrap agreement is to digitally capture acceptance of a contract. Click-wrap agreements permit companies to engage in a contract with customers without negotiating with each user individually.
-
May 15, 2024 | 
techtarget.com | Sharon Shea
Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack. BySharon Shea,Executive EditorPublished: 15 May 2024 At RSA Conference 2024, representatives from some of the most infamous breaches in recent history joined forces to share their stories of being on the frontlines of a cyberattack.
-
Apr 29, 2024 | 
techtarget.com | Sharon Shea
All the major benefits of cloud computing -- improved IT efficiency, flexibility and scalability -- come with one major challenge: security. Cloud security threats, challenges and vulnerabilities occur for several reasons. For one, many organizations can't delineate where cloud service provider (CSP) obligations end and their own begin as part of the shared responsibility model. This leaves gaps unsecured and vulnerabilities unaddressed.
