Rant of the day: Are we getting hacked because we now work remotely in the new normal? No, we're being hacked because we're not managing our risks and being lazy - and because the CISO is not being heard.
In a bid to address security risks associated with the use of virtual private network solutions, the National Security Agency and the Cybersecurity and Infrastructure Security Agency on Tuesday offered government leaders guidance on selecting remote access VPNs and strengthening their security.
You can't decrease the motivation of ransomware attackers. But you can curb their success by bolstering your own enterprise's approach to access, credentials and privileges. Morey Haber and James Maude of BeyondTrust share insights on ransomware defense.
Cybersecurity and computer science experts testifying before Congress on Tuesday expressed concerns about their inability to access key social media data sets that could allow them to analyze and potentially counter the spread of misinformation.
Hacking incidents - especially those involving ransomware attacks and vendors - continue to rack up some of the largest victim counts in major health data breaches being reported to federal regulators in 2021. Will the trend continue?
The Russia-linked cyberespionage group Nobelium, which was responsible for the SolarWinds supply chain attack, has developed and deployed a new malware, dubbed FoggyWeb, according to a Microsoft Threat Intelligence Center security blog. Microsoft says FoggyWeb creates a backdoor to exfiltrate data.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The Department of Health and Human Services has named Lisa J. Pino - a former Department of Homeland Security official charged with mitigating the massive 2015 cyberattack on Office of Personnel Management - as the new director of its HIPAA enforcement agency.
The U.S. Department of Commerce is soliciting input on a Trump administration cybersecurity executive order that requires cloud providers to verify the identities of certain users - particularly cyber actors potentially operating abroad and leveraging U.S. cloud technologies.
A security researcher who goes by the alias Watchful_IP has discovered a command injection vulnerability that could potentially affect millions of Hikvision's IoT devices. The video security solutions provider says it has fixed the flaw and rolled out a firmware update for its end users.
For combating ransomware, doing the security basics is essential, including keeping systems updated and patched. Don't follow in the footsteps of one technology firm, which Sophos found got hit by Cring ransomware after attackers exploited ColdFusion software that hadn't been patched in 11 years.
Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.
Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.
Brian Barnier, a director of analytics who is developing a course on critical and design thinking in cybersecurity for CyberEd.io, is a firm believer in the importance of critical thinking today. He discusses how that, plus systems and design thinking, can improve the way cybersecurity functions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.