To improve compliance efforts, organizations can turn to a number of technologies, including data analytics. Two experts share their views on making the most of automation and integration tools.
He was the first U.S. federal CISO, and before that he was an Air Force general. So when Gregory Touhill reacts to the coordinated supply chain attack on SolarWinds, he does so in military terms. His message to the global cybersecurity community: "Shields up."
What should incident responders grappling with the complex online attack campaign that successfully distributed a Trojanized version of SolarWinds Orion network monitoring software to customers focus on first? See these four essential alerts, which are already being updated.
The supply chain attack targeting SolarWinds was planned for months and intensified since the November election, says Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black. "Unprecedented" is how he describes the scale of the attack and level of sophistication.
Cybersecurity is a legitimate - and significant - business risk, and it's time to frame the topic appropriately, says Robert Hill, CEO of Cyturus. He shares insight on how to discuss cyber risk appropriately with C-level leadership and the board of directors.
Warning: The breach of FireEye disclosed last week traces to a sophisticated campaign involving Trojanized versions of SolarWinds Orion software used by hundreds of large businesses and government agencies. Experts are urging users to immediately upgrade the software and begin looking for signs of compromise.
Researchers with Palo Alto Networks' Unit 42 are tracking a relatively new cryptomining botnet called "PGMiner," which is targeting PostgreSQL database servers to illegally mine for monero. Currently, the malware only targets Linux-based database servers.
An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security. These fake messages have landed in about 80,000 inboxes so far.
The adoption of the SASE model is being driven by numerous factors, including the need for enhanced business agility and network transformation, according to a panel of experts.
Five U.S. government agencies have been hit so far via a sophisticated supply chain attack. The intrusions appear linked to subverted software updates for SolarWinds' Orion network monitoring product, which is widely used by businesses and the U.S. government.
lackBerry researchers are tracking a relatively new ransomware variant called "MountLocker" and the operators behind it, who are using affiliate cybercriminal gangs to help spread the malware, exfiltrate data and extort victims, sometimes for millions of dollars.
Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations and then demanding payment, according to Guardicore Labs. The attackers are also selling access to over 250,000 stolen databases.
CISA is warning that local K-12 school districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S. The top security problems include ransomware, Trojans and other malware as well as DDoS attacks.
A 4GB data archive belonging to Panasonic India has been released by a hacker who waged an extortion plot. The company says no highly confidential data was revealed, but a look at the data suggests otherwise.
Fraud explodes in tough times, and do times come any tougher than they have with COVID-19? In this latest Cybersecurity Leadership panel, CEOs and CISOs describe their efforts to spot and stop emerging fraud schemes involving synthetic IDs, social engineering and greater insider risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.