This edition of the ISMG Security Report analyzes what prosecutors say is the biggest cryptocurrency seizure in U.S. history as well as the biggest financial seizure. It also details how a school district CISO resigned over the district's handling of a severe data breach and busts Zero Trust myths.
Are ransomware-wielding criminals running scared? That's one likely explanation for the sudden release this week of free, master decryption keys for three different strains of formerly prevalent ransomware: Maze, Sekhmet and Egregor.
As a CISO in financial services, Bradley Schaufenbuel of Paychex enjoys the velocity of change - no two days are alike. But with that pace comes a corresponding uptick in supply chain risk, which adds a new degree of difficulty to an already challenging leadership role.
A Kentucky hospital and the Maryland Department of Health are among healthcare sector entities still battling to fully recover from recent ransomware and other disruptive cyber incidents. What can other organizations do to avoid similar fates?
Four ISMG editors discuss important cybersecurity issues, including misconceptions around Zero Trust implementation, lessons learned from the crippling NotPetya malware attack of 2017 that nearly sank logistics giant Maersk and how a Russian cyberwar in Ukraine could move beyond its borders.
The latest edition of the ISMG Security Report features an analysis of how Russia's escalation in Ukraine is raising cyber defense alarms. It also describes how a Dark Overlord collaborator received a three-year prison sentence and shares tips for Zero Trust implementation.
U.S. DHS Secretary Alejandro Mayorkas confirmed on Thursday that the department is establishing a Cyber Safety Review Board, as directed by President Joe Biden's sweeping cybersecurity executive order signed in May 2021. The board aims to mirror the work of the National Transportation Safety Board.
The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.
The Log4j vulnerability exists in unpatched versions of Ubiquiti's UniFi Network applications, and is being actively targeted by attackers via a customized exploit, researchers at security firm Morphisec warn. While updates are available, systems remain at risk until patched.
Four ISMG editors discuss: how too many organizations fail to implement basic cybersecurity defenses - such as MFA; a proposed lawsuit against health insurer Excellus that calls for an improvement to its data security program; and strategies for securing open-source and other software components.
The latest edition of the ISMG Security Report features an analysis of whether a new ransomware operation is a spinoff of the notorious REvil or simply copying the group's moves; how Maersk responded to the NotPetya wiper malware attack; and essential incident response skills.
This report presents a new research which surveyed 400 MSPs across the globe, diving deep into the biggest challenges and opportunities that MSPs face when providing cybersecurity, backup, and disaster recovery (DR) services.
Download the report which delves into critical issues facing MSPs including:
...
With accelerated digital transformation, organizations are facing unique & sophisticated security challenges. Cyber resilience represents the ability to prepare for, respond to, and recover from adverse events such as cyberattacks, natural disasters, equipment and communication failures, and more. In an ideal world,...
Disaster recovery (DR) includes the most recent copies of data and processing capabilities in a platform that delivers automated availability of your clients’ most critical data, systems, and applications. It ensures that interdependent processes are recovered in the correct order, restored to the correct recovery...
The risks posed by Apache Log4j continue, as a previously seen initial access broker group with the codename Prophet Spider IAB appears to be targeting vulnerabilities in Apache's logging utility to infiltrate the virtualization solution VMware Horizon, researchers at BlackBerry warn.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.