Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
Roger Sels of BlackBerry assesses cybersecurity risk and sees two forms of chaos - cyber and endpoint. He also sees enterprises trying to defend automated attacks at human speed, which makes him ask: Isn't it time we rebooted our approach to cybersecurity risk prevention?
Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.
A recent inspector general's report finds that NASA still struggles with implementing an agency-wide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019. The oversite report lists a series of improvements that NASA should make.
Could your organization withstand an attack by the master hacking operation known as "Fxmsp"? Hollywood loves to portray hackers as having ninja-like skills. But Fxmsp often favored the simplest tools for the job, because they so often worked. Defenders: Take note.
The U.S. Federal Communications Commission has officially designated China's Huawei Technologies and ZTE Corp. as "national security threats," barring American telecommunications firms from using certain federal funds to buy their equipment, such as for building 5G networks.
A bipartisan group of U.S. senators is calling for federal funding for cybersecurity coordinators in every state. Meanwhile, a measure introduced in the House would restore the position of cybersecurity director in the White House.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
The University of California San Francisco says it paid a $1.14 million ransom earlier this month to obtain decryptor keys to unlock several servers within its school of medicine that were struck with ransomware.
Japan has been scanning its entire IPv4 address space to find insecure home routers, web cameras and sensors. The results are encouraging, and the country's program could serve as a model for other nations aiming to avoid large-scale IoT security problems.
IoT devices can be made cheaply and quickly. But as a result, they may lack adequate security features. The Atlantic Council is proposing regulations that would require technology retailers to sell devices that meet security standards, which would, in turn, put pressure on IoT component makers.
A massive DDoS attack generating 809 million packets per second was recently directed against a large European bank, according to the security firm Akamai, which describes in a new report the unusual approach the attackers took.
Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We are addressing problems too far downstream," he says.