Trellix recently released its Path to Cyber Readiness report. Briana Farro of Trellix discusses key findings about Preparation, Perception and Partnerships, as well as the expanding role of EDR and XDR to help organizations improve readiness.
Four ISMG editors discuss important cybersecurity issues, including lessons learned from the cyberattack on a steelmaker in Iran that caused a serious fire, how the economic crisis in Sri Lanka is affecting cybersecurity and what the rising cost of cyber insurance means for the industry.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.
CyberArk has pushed beyond privileged access management to address broader identity use cases as the rise of machine identities creates new challenges. The company will offer more holistic protection to user and nonuser identities by expanding into secrets management and cloud privilege security.
A little more than halfway into the year, hacking incidents, and especially ransomware incidents, as well as breaches involving business associates, are dominating the hundreds of major health data breaches affecting millions of individuals being reported to federal regulators.
Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server. Attackers stole online session cookies, allowing them to defeat MFA and access inboxes. From there, they emailed corporate vendors to obtain financial data.
Joshua Schulte now faces a minimum of 80 years in prison after a Manhattan federal jury returned guilty verdicts in all nine counts brought against the former CIA programmer by U.S. prosecutors. Schulte leaked a trove of classified hacking secrets used in espionage.
Threat actors carried out smishing attacks on nearly 10,000 Australian students enrolled at Deakin University and downloaded PII of about 47,000 students. Hackers compromised an employee's credentials to access the university's third-party SMS solutions provider to execute the attack.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Rui Ribeiro, the founder and CEO of Jscrambler, a company that monitors and obfuscates JavaScript code, discusses the proliferation of web applications that use third-party code, the liability risks that often exist, and how Jscramber's products can increase the security of all application code.
Microsoft's July Patch Tuesday addresses 84 new security flaws. At the top of this month's "patch me first" list is CVE-2022-22047, a zero-day vulnerability that has been actively exploited in the wild. Also, Windows Autopatch rolls out this month.
Seeking maximum profits, ransomware groups continually refine the tactics they use to bypass defenses, infect victims and pressure them into paying. Unfortunately, a reported increase in ransomware attacks and ransom amounts getting paid to criminals suggests these efforts largely remain successful.
Thieves behind a phishing campaign targeting investors into a cryptocurrency exchange got away with at least $8 million. The attack took advantage of human credibility, not a cybersecurity exploit in the Uniswap protocol, experts say. The stolen funds are being laundered in a cryptocurrency mixer.
The role of cyberattacks in Russia's war against Ukraine continues to evolve as the conflict persists, but one notable takeaway so far is the precision of the military's online attacks, which is likely an attempt to avoid spillover that would anger NATO, says Ian Thornton-Trump, CISO of Cyjax.
Many healthcare sector entities are undertaking projects involving the collection, analysis and sharing of large volumes of health data. But along with those efforts come critical privacy and security concerns, says attorney Iliana Peters of Polsinelli.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.