The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance.
As cybercriminals continue to revel in the surge of employees using weak or vulnerable methods to remotely access workplace systems, organizations are increasingly looking to boost overall security by eliminating passwords, and instead opting for passwordless authentication. Here, we talk to Shimrit Tzur-David, CTO of Secret Double Octopus, about recent developments in this technology.
Indeed, over the past few years, ransomware operators have shifted tactics, moving from widespread targeting intended to collect smaller ransoms from several entities to being more selective in what organizations are targeted and setting larger ransom amounts. One recent tactic revealed ransomware operators using virtual machine to evade detection, which was quickly adopted by other groups.
The IoT security bill is a step in the right direction, as it addresses one of the biggest gaps in software security overall -- generating awareness. But, as the use of connected devices continues to exponentially grow over time, we must ask ourselves: is it enough? Let’s explore.
LexisNexis Risk Solutions released its biannual Cybercrime Report covering July 2020 through December 2020, which details how the evolving threat landscape created new opportunities for cybercriminals around the world, particularly as they targeted new online users.
The Cybersecurity and Infrastructure Security Agency (CISA) and AVANGRID, a sustainable energy company providing services in 24 states, conducted a virtual tabletop exercise to test and identify the safety procedures AVANGRID has implemented since the beginning of the COVID-19 pandemic and identify additional procedures necessary to ensure employee safety operations and business continuity in the out years.
Two large phishing attacks, aimed at a combined 10,000 victims, spoofed emails from FedEx and DHL Express in an attempt to steal their targets' business email account credentials.
Local governments, including counties and municipalities, face unique cybersecurity challenges that can too easily disrupt the delivery of mission-critical services. With continuous threats of ransomware and other malicious attacks to derail day-to-day municipality function, like water infrastructure, waste management and more, the security of these entities is of top national priority. Here, we talk to Mike Hamilton, CISO for government cybersecurity firm, CI Security, about the biggest threats to the U.S. critical infrastructure.
New Lookout Threat Report: 70% of government-focused mobile phishing attacks sought to steal credentials in 2020.
February 24, 2021
Lookout Inc. released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.
Companies with cloud-first strategies are growing in number as the benefits of cloud have become more apparent and appetizing in the fallout of the COVID-19 pandemic. However, simply having a cloud-first strategy doesn’t guarantee success in the cloud, cost savings and increased agility. Similarly, security remains a pervasive threat if a process for mitigation is not built into the very foundation of your cloud strategy.
RSS
