Proofpoint has focused on preventing cyberattacks, but customers have increasingly asked for help with blocking lateral movement from compromised identities, says CEO Ashan Willy. Acquiring Illusive in December will help Proofpoint block identity attack paths when a user is compromised.
In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.
Data breaches in 2022 hit near-record levels as U.S. organizations issued 1,802 data breach notifications and more than 400 million individuals were affected. But only 34% of breach notifications included actionable information for consumers whose information was exposed.
Microsoft blamed an internal network configuration change for outages that disrupted access to Microsoft 365 services, including Microsoft Teams and Outlook, for users around the world. The change has been rolled back and additional infrastructure added to speed restoration, it says.
A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 in December unleashed a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind."
Serial entrepreneur Arvind Parthasarathi has started the company Cygnvs, which streamlines and secures communication between internal and external stakeholders after a cyberattack. Cygnvs emerged from stealth with 90 employees, 1,000 customers, $55 million of funding and a generally available tool.
eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency. The Kitchener, Canada-based company has shifted its focus from alerts and data to business worries and business risk.
T-Mobile disclosed Thursday that hackers had access for approximately six weeks to an application programming interface that exposed customer data including names, birthdates and email addresses. No payment information or passwords were part of the breach, the company said.
Essential reading for network defenders: CircleCI's report into its recent breach, which began when malware infected an engineer's laptop. After stealing "a valid, 2FA-backed" single sign-on session cookie, attackers stole customers' secrets and gained unauthorized access to third-party systems.
Twitter says a massive collection of purported user data being sold and then leaked via cybercrime markets was not amassed by exploiting a vulnerability in its systems but is instead "likely a collection of data already publicly available online through different sources."
77% of SMBs believe their IT environments have become more complex over the past two years, and 52% of SMBs believe that this complexity is driving a rapid change in the cybersecurity landscape.
Download this eBook to learn about:
A multifaceted approach to building a secure RMM;
Enabling MSPs to secure...
Personal information for more than 1.3 million Aflac cancer insurance policyholders and almost 760,000 Zurich Insurance auto insurance policyholders in Japan has been leaked on the dark web following hacks on a third-party contractor. Affected individuals from both hacks reside in Japan.
In a world where the adversary has historically had the upper hand, cortex and IBM have partnered together to flip the script for their clients by partnering best in breed technology with extraordinary services.
Bringing together best-of-breed technology and services, Palo Alto Networks and IBM today announced...
CircleCI, which is used by over 1 million developers to build, test and deploy software, has issued a brief security alert warning all customers to immediately "rotate any secrets stored in CircleCI" as it continues to probe a suspected two-week intrusion.
Rackspace says the ransomware-wielding attackers who disrupted its hosted Microsoft Exchange Server environment last month wielded a zero-day exploit, described by CrowdStrike as being "a previously undisclosed exploit method for Exchange," to gain remote, direct access to servers it hosted.