Since Emotet malware returned last month, it's been dropping the Cobalt Strike penetration-testing tool directly onto infected endpoints shortly after infection, researchers say. The move could be a bid to more rapidly identify high-value systems for targeting with ransomware, some experts warn.
Once, in another role, Rent-A-Center CISO Jason Fruge was asked by senior management to develop a "security scorecard," but he resisted. What were his objections, and how did he address them? Fruge explains in this exclusive leadership discussion.
In 2021, the supply of cybersecurity professionals increased across the globe, with the exception of the Asia-Pacific region and some parts of Europe, says (ISC)² CEO Clar Rosso. She discusses factors behind the workforce gap and how a diverse team can improve resolution of cybersecurity problems.
With the support of the recent executive order on improving the nation's cybersecurity, Zero Trust strategy is gaining greater recognition. But there is still a degree of resistance to Zero Trust adoption. Dr, Chase Cunningham, CSO of Ericom, discusses this and other issues around Zero Trust.
Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.
A botnet operation called Glupteba has been disrupted by Google's Threat Analysis Group. The botnet targeted more than 1 million Microsoft Windows users in the U.S, India, Brazil and Southeast Asia. Also, Google has filed a lawsuit against two Russians alleged to be the botnet's operators.
Congressional negotiators have scrapped a provision in the must-pass defense spending bill that would have required owners and operators of critical infrastructure to report cybersecurity incidents and ransom payments made to criminal gangs.
Two separate, massive cyber incidents recently occurred. One has disrupted services at 200 Nordic Choice Hotels in Europe, and the other - a cyberattack on a major supplier - has caused around 300 SPAR stores to temporarily close in the UK.
Critical thinking, systems thinking and design thinking are important elements missing in cybersecurity education today. In this interview, Dan Faughnan, ex- Canadian Security Intelligence Service, discusses how thinking about cyber as part of a broader threat spectrum relates to national security.
Canadian police have arrested Matthew Philbert on suspicion of being tied to multiple ransomware and malware attacks that amassed domestic victims. Separately, a U.S. indictment charges Philbert with perpetrating an attack against the state of Alaska that breached personal and medical information.
Steve King, director of cybersecurity advisory services for ISMG's CyberTheory, has just been appointed a member of the Forbes Technology Council. He discusses the role, his passion for Zero Trust and new initiatives to expect from CyberTheory in 2022.
Most federal executive branch agencies in the U.S. now have vulnerability disclosure policies. John Jackson and Jackson Henry of the security research group Sakura Samurai say those policies ensure they don't get into legal trouble for helping improve cybersecurity.
While the Maryland Department of Health's public website is operational again after a weekend network security incident, certain systems continue to be offline. Officials are asking employees not to use state-issued computers as state authorities and law enforcement agencies investigate.
An electric cooperative serving two western Colorado counties says a cyberattack first detected Nov. 7 has disabled billing systems and wiped out 20 to 25 years' worth of historic data, leaving the utility operating under limited functionality, according to the company and local reports.
A U.S. federal court in Virginia has paved the way for Microsoft to disrupt the activities of China-based hacking group Nickel. Microsoft will target websites that the threat actor uses to gather intelligence from government agencies, think tanks and human rights organizations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.