The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S. Senate panel Tuesday while detailing how foreign actors gained access into their firms' systems as a result of the SolarWinds supply chain attack.
Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.
The "Cuba" ransomware gang has hit Seattle-based Automatic Funds Transfer Services, which processes data from California's Department of Motor Vehicles as well as many cities in Washington. Victim organizations say AFTS is investigating the incident and that an unknown amount of individuals' data was exposed.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
In an update on the investigation into the SolarWinds supply chain attack, Deputy National Security Adviser Anne Neuberger said the Biden administration is preparing "executive action" to address security shortcomings that have come to light.
In 2020, a cybercrime operation known as ShinyHunters breached nearly 50 organizations, security researchers say. And this year, it shows no signs of slowing down - it's already hacked e-commerce site Bonobo and dating site MeetMindful.
Vulnerability management is more than assessment scanning. It involves the understanding of risk and the integrating of people and processes to remediate the most sensitive assets in the network.
Download this report to understand how enterprises must automate vulnerability prioritization and remediation. Moreover,...
In the last two years, 51% of financial services institutions (FSIs) have experienced a data breach, and the severity and volume of cyberattacks continue to increase. A global survey of 469 cybersecurity professionals shows that FSIs can dramatically reduce the
risk of being breached by improving end-toend...
The severity and volume of cyber attacks is increasing. However, most organizations are not comparably enhancing their abilities to prevent hackers from exploiting attack vectors. In fact, it’s taking longer to detect and longer to patch critical vulnerabilities than last year. The cost and
consequences of this...
In our 22-criterion evaluation of GRC platform providers, we identified the 12 most significant ones — Enablon; Galvanize; IBM; LogicManager; MetricStream; NAVEX Global; Riskonnect; RSA, a Dell Technologies Company; SAI Global; SAP; ServiceNow; and Workiva — and researched, analyzed, and scored them. This report...
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Two more breaches have been tied to the vulnerable 20-year-old Accellion File Transfer Appliance. The latest victims are Singapore telecom company Singtel and Australian medical research institute QIMR Berghofer.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.