As the massive ESXiArgs ransomware campaign continues to target unpatched VMware ESXi hypervisors, cybersecurity experts have released a script that can decrypt at least some affected virtual machines. Ransomware trackers count at least 2,803 victims, primarily in France, the U.S. and Germany.
APIs represent the best and worst of times - "massive amounts of business value, but massive amounts of unmitigated risk," says Richard Bird, CSO, Traceable AI. In the past year, misconfigured or error-prone APIs resulted in high-profile breaches at Twitter and T-Mobile. He sees more on the horizon.
Security practitioners are putting cognitive psychology and customer experience at the forefront of new product development in a push for usability, says Trusona's Kevin Goldman. Getting user experience designers familiar with products allows them to speak meaningfully with the security team.
Varonis has dedicated most of its engineering resources to SaaS since the onset of COVID-19 to provide more automation to customers, says CEO Yaki Faitelson. The company has focused on delivering robust data protection to customers without them having to dedicate hardware or personnel to the task.
The cloud security landscape has long been fragmented, and different vendors attempt to separately address containers, serverless and vulnerabilities, says Wiz CEO Assaf Rappaport. Consolidating detection, vulnerability and misconfiguration data in a single place reduces the noise for clients.
Privileged access management vendor Delinea has hired longtime RSA sales leader David Castignola to expand beyond North America as well as in nonregulated industries. Delinea hopes to increase sales beyond verticals such as financial services, banking, healthcare, insurance and the public sector.
The impact of a breach is rising which makes cybersecurity as a critical concern, and the CISOs are looking for a way to manage risk across millions of diverse, dynamic and distributed assets.
Unfortunately, most CISOs lack the tools to perform effective risk assessment and remediation. This forces CISOs to stitch...
Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot. The malware can slow system performance, drive up costs and expose systems to security risks.
Vulnerability management issues are a common problem for many healthcare entities and can become an even bigger concern when unremediated issues are left to linger for years. That appears to be the case at some VA medical facilities, according to a report from the Office of Inspector General.
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
Hacking and third-party business associate incidents were the crux of the largest health data breaches reported to federal regulators in 2022, foreshadowing the top risks and threats that will likely plague healthcare entities and their vendors in the new year, as well.
Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.