Heath Anderson, Director of Information Security and Technology at LogicGate, discusses how to build business and operational resiliency with a governance, risk management and compliance (GRC) program.
According to the Cybersecurity and Infrastructure Security Agency (CISA), malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-3447, CVE-2021-3452, and CVE-2021-3120. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine.
New research Linux Threat Report 2021 1H from Trend Micro found Linux operating systems are being targeted – with nearly 13 million detections from the first half of 2021 – as organizations increase their digital footprint in the cloud and the pervasive threats that make up the Linux threat landscape.
Recently, Cloudflare detected and mitigated a 17.2 million request-per-second (rps) DDoS attack, an attack almost three times larger than previously ever reported.
As detailed in a new Area 1 Security report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly business email compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.
Ernie Anderson, Head of Professional Services at Kudelski Security, speaks to Security about the importance of a deputy chief information security officer (CISO) and why this position is critical to addressing security risk management.
With the proliferation of ransomware attacks, every business feels the pressure—and often a sense of futility—in defending against cybercriminals. But companies can regain control by focusing on one of the most common attack vectors: Active Directory.
Mobile telecommunication company T-Mobile has confirmed a data breach that reportedly affects nearly all of its U.S. customers. Hackers gained access to the company’s systems and hacked servers and databases containing the personally identifiable information of approximately 100 million customers.
As a more encompassing and modern approach that extends not only governance, risk and compliance capabilities but also Integrated Risk Management and Enterprise Risk Management, digital risk management provides new tools and techniques risk professionals can interweave into operations and technology with unprecedented detail to strengthening the enterprise.
