In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Calling all network defenders: Flag or block the unapproved use of legitimate cloud services in your enterprise, since malware-wielding nation-state attackers and cybercrime groups are both using them to hide their malicious activities, researchers warn.
North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.
The C-suite and boards are more involved in cybersecurity decisions than ever before, but executive leaders still have a huge disconnect between perceptions and operational realities. This gap leads to miscommunication and missed expectations that could pose great risks to the enterprise.
The democratization of AI has proved to be a double-edged sword - both enabling cyberattacks and defending against them. Generative AI can help organizations effectively correlate signals, identify threats and deploy countermeasures before attacks escalate, said Fleming Shi, CTO at Barracuda.
Threat clusters can be used to identify patterns of malicious behavior that traditional attribution in cybersecurity strategies could miss. These patterns can be used to develop early warning systems and prioritize resources for investigation and response, said John Shier, field CTO at Sophos.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
The advent of generative AI has increased the importance of enterprise browsers as the interface through which users interact with this technology. Enterprise browsers have gained prominence with their role in organizational workflows, which had been somewhat overlooked in the past.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
Palo Alto Networks edged out Versa Networks, Cato Networks and firewall rival Fortinet for the top spot in Forrester's first-ever secure access service edge rankings. Leading providers have over the past 18 months built or bought both the networking and security pieces of SASE, Forrester found.
Researchers say a proxy service is routing internet traffic through unsuspecting users' systems that it turns into residential exit nodes, luring them into downloading the proxy application through offers of cracked software and games. Antivirus engines don't detect the application.
This week's roundup of digital assets-related cybersecurity incidents includes Argentina's investigation into WorldCoin; hackers' exploitation of Libbitcoin; Zunami and RocketSwap; Curve Finance's compensation plans for hack victims; the FBI's $1.7 million forfeiture; and X's crypto scam problem.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.