Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
A suspected Russian group blamed for the SolarWinds compromise in 2020 is continuing to innovate and is infiltrating technology services and resellers, according to a new report from Mandiant. Mandiant says the group, which it calls UNC2452 and Microsoft calls Nobelium, practices "top-notch operational security."
The U.S. Transportation Security Administration has issued new security directives for higher-risk freight railroads, passenger rail, and rail transit that it says will strengthen cybersecurity across the transportation sector in response to growing threats to critical infrastructure.
Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.
Your users - and the resources they use - are in multiple locations. IT teams are tasked with enabling everyone to work securely in an increasingly distributed environment.
Read this solution brief to learn more about
Provide secure connectivity from any location: home, on-site, or in the office
Join this on demand session to learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.
Following the holiday recess, U.S. lawmakers are picking up several legislative priorities starting Monday, including progress on the annual defense spending bill, which contains amendments that would require incident reporting for critical infrastructure providers, among other measures.
The annual IRISSCOM cybercrime conference in Dublin aims to give attendees "an overview of the current cyberthreats facing businesses in Ireland and throughout the world" and how to best defend themselves, organizers say. Here are visual highlights from the conference's latest edition.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why security teams are still unprepared for cyberattacks over weekends and holidays, which experts warn is when attackers love to strike.
A health insurer in New Mexico is warning of a data breach that exposed customers' personal and medical information. True Health New Mexico reports that nearly 63,000 individuals' personal details were exposed in the "early October" incident. It's offering all victims prepaid credit monitoring services.
In this episode of "Cybersecurity Unplugged," Dan Bowden, CISO at Sentara Health, discusses telemedicine, IoMT, and explains why we’re lagging so far behind in healthcare security. "It’s because of how the data is managed, data standards, data integrity."
The latest edition of the ISMG Security Report features an analysis of how organizations can reduce risk especially over holidays and weekends, when attackers are most likely to strike. Also featured: Highlights from Ireland's IRISSCON 2021 cybercrime conference; what's ahead for COVID-19 and the workplace?
No ransomware victim ever wants to pay a ransom. But if for whatever reason they choose to do so, multiple tactics can help them negotiate down initial demands by 50% or more. So say two researchers at NCC Group's cybersecurity division Fox-IT, based on their review of over 700 ransomware negotiations.
Over 500 cyber security professionals reveal key incident response challenges and how they’re rethinking preparedness, detection and response programs.
Download this whitepaper - takeaways include:
Over 55% of organizations want to improve time to containment and incident response automation but more than 45%...