Hackers are entrepreneurs. After legitimate developers built software-as-a-service (SaaS) businesses by renting access to productivity software, cybercriminals seeking new revenue streams created malware-as-a-service (MaaS) as a dangerous alternative.
To help mitigate cybersecurity risks to managed service provider customers, the Cybersecurity and Infrastructure Security Agency released a resource that provides a framework that government and private sector organizations outsourcing some level of IT support to MSPs can use to better mitigate third-party risk.
Guardicore has discovered a new attack vector on Comcast’s XR11 voice remote that would have allowed attackers to turn it into a listening device – potentially invading your privacy in your living room.
A single application may have hundreds of thousands of vulnerabilities. Increasingly, cybercriminals are targeting people just as much if not more than the systems that underlie an infrastructure, which is why the trusted insider conundrum is exacting renewed attention. In most instances, they represent a cheaper and more accessible conduit to achieve one’s objective. What’s to be done?
By staying on top of open source trends, scanning frequently and working with security counterparts to get the information needed, developers can fix more third-party library flaws faster to develop more secure applications in the future.
Overcome human nature with a security mindset that uses what humans are best at: complex reasoning. Remember to trust your human nature – the intuition that you need to double-check “locking the doors” or other security steps.
A CISO's first 90 days on the job provide a window of opportunity for establishing their credibility and earning a vote of confidence from leadership. This requires, among other things, thoroughly assessing a corporation’s organization, technology, governance and the processes it embraces.
According to a report by Honeywell, improving cybersecurity for operational technology (OT) systems ranks as one of the top priorities for surveyed facility managers over the next 12 to 18 months.
CISA and FBI urge organizations to remain vigilant to ransomware threats on holidays, including this Labor Day
September 1, 2021
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.