The Cuba ransomware group, which has previously targeted U.S. critical infrastructure firms, has updated its malware to "optimize" execution and "minimize" unintended system behavior, says Trend Micro. Researchers at Elastic Security Labs also share malware analysis, TTPs and detection techniques.
One of the most important recent developments by CISA has been the creation of the Joint Cyber Defense Collaborative, which is focused on operational private-public collaboration, says Kiersten Todt, CISA chief of staff.
With rising threats facing critical infrastructure sectors, such as healthcare and financial services, "society as a whole, and the safety of society, is completely dependent on cyber risk" - and being security resilient, says Jeetu Patel of Cisco.
In an organization, people are the ones who develop and sustain organizational strategy. Talented people are discovering that it's possible to leave a toxic environment so they can breathe and thrive. Marco Túlio Moraes explores how to retain both talent and strategy.
The world is a much different place since the previous in-person RSA Conference - and so is the cybersecurity marketplace. Alberto Yépez of Forgepoint Capital shares his view of the state of the industry and the market forces that may cause further change in 2022.
As the dwell time between when hackers compromise a system and when they trigger a ransomware attack has grown, victims have a little more precious time to detect and stop these attacks "before the worst happens," says Chet Wisniewski, principal research scientist at Sophos.
The U.S. is on "borrowed time" for a major cyberattack that could potentially seriously disrupt critical infrastructure, but the nation can secure its systems and resources to avoid such cybersecurity disasters, says Rep. Eric Swalwell, D-California.
The Cyber Threat Alliance just celebrated its fifth birthday, and President and CEO J. Michael Daniel says the membership and information sharing both are growing at an impressive pace. He discusses the surge in ransomware and how organizations should respond.
Michael Lines is working with ISMG to promote awareness of the need for cyber risk management, and the CyberEdBoard is posting draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This chapter - the last in the series - is titled "Building an Effective Defense."
The new Expel Quarterly Threat Report provides even more data on what we’re seeing, detection opportunities, and resilience recs to help protect your organization — now on a quarterly basis.
When contracting for modern MDR services, Lyndon Brown of Pondurance advises prospective customers to ask about more than the managed service and detection. He says they should ask tough questions about response. Brown shares his insights and strategies.
Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
U.S. government agencies have issued a warning to organizations in the country against paying ransom to the Karakurt data extortion group. The threat actor's promises to delete stolen data and not disclose the security incident to the public if its demands are met are false, the agencies say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.