The FBI warns that the notorious FIN7 cybercrime gang has a new trick up its sleeve: Mailing victims a $50 gift card portrayed as good for redeeming items listed on an accompanying USB storage device, which in reality downloads Griffon backdoor software to give attackers remote access.
Security practitioners around the world are struggling to cope with the challenges posed by remote workers heavily relying on virtual private networks during the Covid-19 pandemic. Here's a look at steps to take to help enhance security.
A newly discovered advanced persistent threat group is targeting industrial firms in the Middle East with a new type of backdoor Trojan, according to the security firm Kaspersky.
Using deception technologies can impose a cost on cybercriminals and help reduce dwell times and increase visibility, says Acalvio CEO Ram Varadarajan.
At RSA Conference 2020 in San Francisco, Information Security Media Group's editorial team conducted more than 130 video interviews with industry thought leaders. Here are the highlights.
More bad ransomware news: Following in the footsteps of Maze, now even more cybercrime gangs are threatening to not only crypto-lock systems but also leak stolen data. Such moves come following a banner year for ransomware operators, who are continuing to bring more advanced tactics to bear.
When enterprises evaluate Cloud Security Posture Management (CSPM), automated remediation is frequently the end goal. But hastening initial implementation of remediation introduces a risk of organizational opposition to automation going forward.
Read this guide to learn:
The benefits of automated remediation;
How...
Leveraging CSP security controls is essential, and, for some cloud implementations, is sufficient to manage public cloud workload risk. For most enterprises, however, these controls alone are not adequate to address the core aspects of cloud security: audit, visibility, protection, detection, and automation.
Read...
Misconfiguring a cloud database, storage asset, or search engine can have massive consequences. This misconfigure epidemic has seen the leakage of more than 14 billion data records in the last five years.
Read this report to learn how your organization can:
Ensure account-level controls, logging, auditing and...
Security researchers are tracking a variant of the prolific Mirai botnet called Mukashi, that's taking advantage of vulnerabilities in network-area storage devices made by Zyxel and giving its operators the ability to launch DDoS attacks. Zyxel has issued a patch for the vulnerability.
Data breaches occur for many reasons, but breaches caused by cloud misconfigurations have dominated news headlines in recent years. Enterprises, in particular, struggle to implement proper cloud security, resulting in more than 33 billion records exposed in 2018 and 2019 alone.
Read this report to learn:
About the...
In the increasing landscape of cloud technology, organizations must sort out the IT portion of the M&A process. The high profile nature of cloud, security, and the scope of data that is managed, and as a result, vulnerable to misuse, mismanagement, or exposure is a critical component to get right as part of your...
The world of ephemeral computing using the cloud, containers, and Kubernetes continues to evolve in ways that are both innovative and challenging. Change happens so fast it's hard for Security and GRC professionals to keep up. Organizations need to take a holistic approach to Kubernetes security and consider both the...
An organization that is transitioning to a large cloud provider should immediately consider the secure configuration of cloud services to be a critical element to governing these environments. Importantly, this cannot be a one-time event but must be implemented as a continuous approach.
Read this report to learn how...
Disinformation campaigns with ties to Russia are continuing in an attempt to impede other governments' responses to the COVID-19 pandemic, complicating public health efforts to combat the disease, European officials warn.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
