The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.
As the U.S. celebrates Thanksgiving, let's give thanks for this cybercrime karma: For more than two years, law enforcement and security experts have been exploiting flaws in the crypto-locking malware to help victims decrypt their systems without paying a ransom.
As they turn their attention to identity-focused attack surfaces, threat actors are identifying on-premise and cloud-hosted Active Directory (AD) environments as primary targets.
For most enterprises, AD is the central repository for all accounts and systems within the network, and it is responsible for all...
According to Gartner, XDR adoption among enterprises is at 5% and is predicted to be 40% by 2027.
CISOs from leading organizations are embarking on XDR implementations to keep up with the evolving threat landscape. Don’t get left behind!
Along with the rapid adoption of XDR, there is often a lack of clarity...
ReliaQuest customers have tailored Digital Shadows' threat intelligence to their organizations to ensure conversations about their brands or products are being captured, says CEO Brian Murphy. The security operations firm says the Digital Shadows deal has fortified its detection and response muscle.
Palo Alto Networks will make its first major acquisition in nearly two years, scooping up application security startup Cider Security for $250 million. The Silicon Valley-based platform security behemoth will fork over $194.6 million of cash as well as $55.4 million of replacement equity for Cider.
ExtraHop has snagged high-profile Check Point, Cylance and Optiv executive Chris Scanlan to help the network security provider reach $500 million in annual recurring revenue. The Seattle-based network detection and response vendor has tasked Scanlan with strengthening ExtraHop's go-to-market motion.
The traditional application development model that puts security checks at the end of the process creates needless friction that slows down organizations, says Snyk solutions engineer Matt Mintzer. Application security specialists need to build tracks rather than guardrails for development, he says.
Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays."
Complexity is the enemy of security, and information technology grows ever more complex. Have we created a problem space in computing so complicated that we will be unable to safely operate in it for its intended purposes? Fred Cohen says that's unlikely. He discusses managing risk in the future.
Bankrupt cryptocurrency exchange platform FTX says unsanctioned actors made off with customers' digital assets, causing a scramble to secure digital wallets. Estimates of the amount of stolen money are in the hundreds of millions. FTX filed for bankruptcy Friday after entering a liquidity crunch.
President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
This edition of the ISMG Security Report discusses how Australian health insurer Medibank is facing stark consequences for not paying a ransom to a group of cyber extortionists, how to limit unnecessary cybersecurity exposure during M&A, and how to manage challenges in hybrid environments.
Sonatype’s eighth annual State of the Software Supply Chain Report blends a broad set of public and proprietary data and analysis, including dependency update patterns for more than 131 billion Maven Central downloads and thousands of open source projects, survey results from 662 engineering professionals, and the...
Insider threats have risen 44% over the past two years. These threats can extend to a number of roles from temporary workers and contract staff to IT administrators, individual contributors, lawyers, auditors, third-party contractors, and employees both current and past... all of them can turn into a malicious...