The operators of LockFile ransomware have adopted new techniques, including "intermittent encryption," to help evade detection, according to cybersecurity firm Sophos.
As the last U.S. military flight lifted off Tuesday evening from the airport in Kabul, Afghanistan, what's been left behind reportedly includes a vast trove of biometric data that could be used to identify - including for interrogation or execution - individuals who assisted the occupying NATO forces.
Bitcoin ATM operators and blockchain analytics firms that recently launched a "compliance cooperative" acknowledge one of their goals is to influence regulation of the sector.
Citing damaging ransomware attacks that it, along with the FBI, has observed over recent holidays, the Cybersecurity and Infrastructure Security Agency issued an alert warning organizations to be prepared as the Labor Day holiday nears. CISA, however, is not tracking any immediate threats.
Researchers have released details of a serious vulnerability in Microsoft's Exchange email server, nicknamed "ProxyToken." The bug, which was patched by Microsoft in April, could be exploited to copy emails from Exchange inboxes.
By some estimates, the managed security services business is expected to grow by 50% between 2020 and 2025. And a huge part of that growth will by XDR, says Colin O'Connor, COO of ReliaQuest. He explains why XDR is far more than just vendor hype.
The cybersecurity firm IronNet, founded and led by retired Army Gen. Keith Alexander, has gone public without an IPO by merging with LGL Systems Acquisitions Corp., a "blank check" shell company formed to handle such mergers. Meanwhile, Checkpoint has announced plans to acquire the email security firm Avanan.
Although research firm Gartner forecasts that spending on cybersecurity will surpass $150 billion in 2021, "the proportion of investment going to companies raising investment for the first time is significantly down," says Saj Huq, director of cyber innovation at Plexal, a center for innovation in the U.K.
The healthcare sector has been reshaped by the forces of digital transformation and virtual health. But it also has been besieged by the shifting threat landscape and the escalation of destructive ransomware attacks. What role can zero trust play? Jack Miller of Menlo Security shares insight.
A vulnerability in Microsoft Azure's database service Cosmos DB has potentially put at risk thousands of Azure customers, including many Fortune 500 companies, according to the security firm Wiz. Microsoft has mitigated the flaw.
In the latest weekly update, four editors at Information Security Media Group discuss timely cybersecurity issues, including cryptocurrency exchange hacks and the cyber implications of the U.S. withdrawal from Kabul.
Accreditation organization CREST has concluded an investigation into whether NCC Group employees cheated on its penetration-testing exams, finding that the cybersecurity business's training materials violated its rules. It says NCC Group has agreed to overhaul its processes and demonstrate compliance.
To make the transformation to a DevSecOps approach, enterprises must slowly change the corporate culture by finding early adopters and starting small, says Sean D. Mack, CIO and CISO at Wiley, an education and research company.
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.