Cybersecurity News
RSS

Rapid7 victim of a software supply chain breach

May 18, 2021

Rapid7 has disclosed that the attackers behind the Codecov breach had accessed some of the company's source code using a previously compromised Bash Uploader script from Codecov.

Welcome to the new world of triple extortion ransomware

Daniel Smith

May 18, 2021

Ransomware is nothing new. But the tactics, techniques and procedures (TTPs) leveraged by threat actors have reached new levels of sophistication over the last few years. And with that growth has come an increased difficulty in protecting networks against costly attacks such as the recent DarkSide one on the Colonial Pipeline.

Healthcare’s next emergency: Ransomware follows in the footsteps of the pandemic

Andrew Homer

May 18, 2021

Healthcare businesses are already reeling from massive losses during the pandemic, and cyberattacks could cause further long-term damage beyond the initial attack. Research at Morphisec indicates that almost 3-in-10 consumers say they would consider switching providers if their records were breached in a cyberattack. Considering that same report found that 1-in-5 Americans say a cyberattack has impacted their healthcare provider in the past year, it’s undoubtedly worrying news for the entire industry. With this in mind, here are three avenues hackers are likely to exploit as healthcare becomes a more attractive target and what providers’ need to do to protect their sensitive data and safeguard the lives of their patients.

FIRST 33rd Annual Conference to be streamed live June 7-9, 2021

Under the theme – ‘Crossing Uncertain Times’, the conference will feature prominent global speakers from the Incident Response and Security Teams community

May 17, 2021

The Forum of Incident Response and Security Teams (FIRST) will hold its 33rd annual conference next month, June 7-9, 2021. Held online, the 33rd FIRST Conference: ‘Crossing Uncertain Times,’ is set to stream live from June 7, UTC at 1200hrs. The three-day event will feature keynote presentations highlighting recent global security incidents, pertinent industry panel discussions, and a range of presentations by global experts from across the incident response and security industry.

Who owns AD security in your organization?

Gil Kirkpatrick

May 17, 2021

Establishing operational resilience in the face of cyberattacks has become a top priority for organizations. As a core component of the IT infrastructure, Active Directory (AD) must be at the center of that process. But who is responsible for ensuring Active Directory is both protected and can be recovered quickly when a cyberattack occurs? In many organizations the answer is not clear, which can lead to missteps in detecting, defending against, and responding to cyberattacks.

How to select a cybersecurity framework to protect your greatest assets: People, property and data

Baan Alsinawi

May 14, 2021

Even if you are not mandated to adhere to any particular regulations, it still makes sense for your business to be proactive in managing risk. All frameworks include guidance for good cybersecurity hygiene, such as effective inventory and asset management, contingency planning, personnel security, system access control, and staff awareness and training, to list a few. To prepare for the aftermath of a cyber incident, frameworks provide incident response guidelines you can follow to recover and try to limit the damage. Establishing a framework can not only help your organization follow best practices but also bring rigorous cyber discipline to your organization.

President Biden signs executive order to strengthen U.S. cybersecurity defenses

Maria Henriquez

May 13, 2021

U.S. President Joe Biden has signed an executive order (EO) to improve the cybersecurity of the U.S. As the U.S. faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately people’s security and privacy, the EO seeks to improve efforts to identify, deter, protect against, detect, and respond to these actions and actors. Specifically, the EO will:

Wi-Fi vulnerability may put millions of devices at risk

May 13, 2021

Noted security expert Mathy Vanhoef recently discovered a Wi-Fi security vulnerability, that if exploited, it would allow an attacker within radio range to steal user information or attack devices. The security vulnerability, known as FragAttacks - fragmentation and aggregation attacks - are design flaws in the Wi-Fi standard and therefore affects most devices. In addition, Vanhoef discovered several other vulnerabilities that are caused by widespread programming mistakes in Wi-Fi products.

Learnings from the Colonial Pipeline cyberattack: focus on the 98% of attacks, not the 2%!

Jamison Utter

May 13, 2021

For many years, the focus on securing OT environments has been on the imminent danger of a cyberattack upon critical infrastructure, in other words, SCADA/ICS attacks. Most of the concern has been on nation state actors like China, North Korean, Iran and Russia directly attacking and destroying our infrastructure.

Apple failed to disclose security incident affecting 128 million users in 2015

May 12, 2021

An email entered into court this week in Epic Games' lawsuit against Apple shows that Apple managers uncovered 2,500 malicious apps had been downloaded a total of 203 million times by 128 million users in 2015. Evidence shows Apple managers chose to not disclose this security incident.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.

Cybersecurity News
RSS

Rapid7 victim of a software supply chain breach

Welcome to the new world of triple extortion ransomware

Healthcare’s next emergency: Ransomware follows in the footsteps of the pandemic

FIRST 33rd Annual Conference to be streamed live June 7-9, 2021

Who owns AD security in your organization?

How to select a cybersecurity framework to protect your greatest assets: People, property and data

President Biden signs executive order to strengthen U.S. cybersecurity defenses

Wi-Fi vulnerability may put millions of devices at risk

Learnings from the Colonial Pipeline cyberattack: focus on the 98% of attacks, not the 2%!

Apple failed to disclose security incident affecting 128 million users in 2015

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

Cybersecurity News RSS

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

Cybersecurity News
RSS