Security news aggregator

Latest coverage for Service Provider

Service providers can expose customer data and systems through weak access controls, insecure integrations, or third-party supply-chain risks.

32 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Service provider is an organization that delivers infrastructure, platforms, software, connectivity, or managed technical operations to customers over a network. In security reporting, the term usually means an external provider whose systems, personnel, or integrations process customer data or administer customer environments. Responsibility is shared: the provider secures the services and underlying environment it controls, while the customer must configure access, data handling, and integrations correctly.

Material risks include compromised provider accounts or administrative interfaces, vulnerabilities in shared software or infrastructure, inadequate isolation between customers, and loss of availability at a dependency. Providers should apply least-privilege access, strong authentication, secure development and vulnerability management, tenant isolation, logging, encryption where appropriate, and tested recovery procedures. Customers need evidence of relevant controls, clear contracts covering data use, privacy, breach notification, audit rights, retention and deletion, and coordinated incident response. Reviews should also address subcontractors, service changes, and how data and operations can be recovered or moved if the service is disrupted.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 32 Filtered view

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

The Register 5 months, 2 weeks ago

Why native cloud security falls short

Your cloud security must stand alone Partner Content As cloud adoption accelerates, many organizations are increasingly relying on the native security features offered by cloud service providers (CSPs). The ability to manage web application firewalls (WAF), data encryption, and key management (KMS) within a single provider ecosystem appears efficient and convenient. However, when security and reliability are viewed through the lens of enterprise risk management, this convenience may come at a significant cost.…

Crimson Collective claims 'sophisticated attack' that allows them to 'disconnect every user from their mobile service' Internet service provider Brightspeed confirmed that it's investigating criminals' claims that they stole more than a million customers' records and have listed them for sale for three bitcoin, or about $276,370. …

The Register 1 year, 7 months ago

Cyber protection made intuitive and affordable

How Cynet delivered 100 percent Protection and 100 percent Detection Visibility in 2024 MITRE ATT&CK Evaluation Partner Content Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running.…

Loading more headlines...