Kaseya’s VSA product has been the victim of a sophisticated ransomware attack, affecting 60 Kaseya customers and an estimated 1,500 downstream businesses. Attackers are allegedly demanding $70 million in return for a universal decryptor software key that would unscramble all affected machines.
The massive shift to remote work and a continually expanding attack surface has made the concept of trust-based security a naïve one at best, dangerous at worst. But the upshot is that everything we’ve seen and experienced in the past year has helped seed the need for a zero-trust based approach. Let’s look at some of the major trends and factors of the past year and how these risks can be mitigated using a zero trust approach.
As organizations shift IT spending to cloud services, it’s important to prepare for more regulations, a high rate of data loss, and a likely increase in attacks on cloud apps. To plan for these challenges, organizations need visibility and security for software-as-a-service (SaaS), platform-as-a-service (PaaS), and infrastructure-as-a-service (IaaS) clouds. Here are four categories to consider to secure your cloud environments.
The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory exposing malicious cyber activities by Russian military intelligence against U.S. and global organizations, starting from mid-2019 and likely ongoing.
With most of the world still anxious about COVID-19 and demand for vaccines high, new McAfee research sheds light on how hackers are targeting these fears with bogus apps, text messages, and social media invitations.
Privacy and security become further inextricably linked as consumers’ expectations rise. With this understanding, how should businesses organize to fulfill the privacy and security promises that today’s customers expect? Dell's Chief Security Officer, John Scimone, believes that a converged operational model is the most effective and efficient approach for the majority of organizations to achieve these outcomes.
Over the last two years, ransomware has been, without a doubt, the hottest topic in cybersecurity discussions in both the cybersecurity community and the general population. Major attacks like the one on SolarWinds and against Colonial Pipeline have dominated headlines — and for good reasons.
The insider threat is not a new risk for security teams. And, in the wake of COVID-19 and the newly remote workforce, there has never been a greater need for organizations to better balance their efforts to defend against both external and internal threats.
Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure.
Researchers at at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit.
