To recruit and retain cybersecurity specialists, organizations must "stop expecting people just to be sort of 'focused monkeys' and doing one particular task and turning the handle," says Keith Martin, professor of information security at Royal Holloway University in the U.K.
Researchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after a July 2 ransomware attack exploiting flaws in Kaseya's VSA software had a major impact.
Europol says the "No More Ransom" project, a portal launched five years ago, so far has helped more than 6 million ransomware victims worldwide recover their files for free so they could avoid paying almost 1 billion euros ($1.2 billion) in ransoms.
Some 95% of today’s compromises are either zero-day exploits or malware-free attacks; that means that signature-based behavioral defenses only work for 5% of attacks, says Joe Head of Intrusion Inc. He discusses how to use massive lists of historical data to train AI to spot and stop malicious activity.
DataVisor recently conducted its latest Digital Fraud Trends study, and it uncovered some startling findings about the latest threats to the digital banking/payments landscape. CEO Yinglian Xie shares insights on how to improve fraud defenses with machine learning.
Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
Congress needs to update and expand federal laws to combat the surge in ransomware attacks, federal cybersecurity experts told a Senate committee at a Tuesday hearing.
At a Senate hearing on pipeline cybersecurity, leaders from several federal agencies briefed lawmakers on the roles regulators can play in the aftermath of the Colonial Pipeline attack. Lawmakers urged the agencies to "flatten the bureaucracy" to improve relationships with companies that support pipelines.
A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the security firm Sygnia says.
Although Microsoft is slated to release the Windows 11 operating system in December, it's already available for a pre-release preview. And cybercriminals are taking advantage of that, slipping malware to those downloading a fake demo version, according to Kaspersky.
Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.
As chief security scientist and advisory CISO to security vendor Thycotic, Joseph Carson is well aware of risks employees will take to get their jobs done. He's just authored a new ethical hacker's guide to help enterprises plug their holes - before their adversaries breach them.
Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.
NIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which the private sector can also follow.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.