Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
With the advent of CI/CD pipelines, supply chain attacks have become more prevalent – and as the recent SolarWinds breach has demonstrated, the impact of such breaches can be vast and rippling.
This eBook addresses questions raised by security leaders that want to better understand their organization’s...
Monitoring the performance and availability of applications has never been more important.
Today’s DevOps teams are responsible for ensuring high-quality, always-on digital experiences while reliably supporting increasingly frequent - often daily - code pushes.
No one understands this better than Splunk. We...
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
As employees connect to servers each morning via VPN to download the valuable corporate data that they need for the day, compliance and security are easily jeopardized. As soon as the employee disconnects from the VPN, corporate oversight goes blind, and compliance can't be maintained.
There are precautions and...
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
Endpoint security and management has become very complex. Despite investments in teams and tools, organizations still struggle with visibility gaps across their IT environment, organizational silos and broken workflows that leave businesses exposed to risk.
Tanium commissioned Forrester Consulting to survey more...
Modern IT teams feel pressure from all directions. They must maintain compliance with data privacy regulations, track and secure sensitive data across endpoints and manage an ever-increasing number of assets, all while enabling business growth. Balancing these priorities often causes significant challenges for many...
The pivot to working from home (WFH) proved that enterprise IT organizations could do the unimaginable – and do it quickly and well. Once you realize you can move all your users to WFH in days instead of years, you start to wonder what else you can do quickly.
What digital transformation projects, long considered...
Digital transformation is a way of life in today’s business world. It touches all corners of the enterprise in ways that were once unimaginable. CIO and IT executives at companies of all sizes and in all industries are quickly coming to realize that most legacy tools and processes are, at best, inefficient and are...
As companies embrace the opportunities presented by cloud and mobile computing to connect with clients and optimize operations, they take on new risks. One of the biggest challenges in digital transformation is ensuring security, privacy, and compliance. With organizations increasingly putting emphasis on a smooth...
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
Fortinet’s FortiGuard Labs is out with its latest Global Threat Report, this one reflecting on the second half of 2020. No surprise: After the SolarWinds attack, supply chain security takes center stage. But don’t forget about ransomware and the ongoing attacks on new home branch offices.
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
