Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
The SolarWinds supply chain attack should prompt federal agencies and others to rethink how they approach security issues - especially identity and access management, according to a breakdown of the attack presented this week by NIST and CISA.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
Endpoint security and management has become very complex. Despite investments in teams and tools, organizations still struggle with visibility gaps across their IT environment, organizational silos and broken workflows that leave businesses exposed to risk.
Tanium commissioned Forrester Consulting to survey more...
Achieving Resilience in Your Distributed Workforce Environment During the COVID-19 Pandemic and Beyond.
The COVID-19 pandemic forced organizations across the world to transition their workforce to a remote work environment overnight, disrupting processes and workflows and creating chaos in a time where clarity and...
Modern IT teams feel pressure from all directions. They must maintain compliance with data privacy regulations, track and secure sensitive data across endpoints and manage an ever-increasing number of assets, all while enabling business growth. Balancing these priorities often causes significant challenges for many...
A lack of centralized leadership, especially at the White House level, is hindering the federal government's ability to address numerous cybersecurity issues, including the SolarWinds supply chain attack that affected federal agencies and others, according to a new GAO report.
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
In an eye-opening look at the cost burden of a ransomware attack, Universal Health Services reports that an incident last September had a $67 million economic impact - citing, for example, the need to divert patients to competing facilities for urgent care. But insurance may cover much of the cost.
The U.S. is in danger of falling behind China and Russia in developing artificial intelligence technologies and countering cybersecurity threats that could develop as AI use becomes more widespread, according to a newly released report from the National Security Commission on Artificial Intelligence.
State-sponsored groups in China appear to be targeting India’s power supply by dropping malware into systems, according to online digital threat analysis company Recorded Future. The Indian government says it has taken steps to mitigate the risks.
Vulnerability management is vulnerable. This year’s transformation has revealed new gaps in processes and tools, inspiring a new evolution to the discipline of Vulnerability Management, Detection and Response. Mehul Revankar of Qualys discusses VMDR and how to embrace it.
In this interview with Information...
The mobile channel saw great user adoption in 2020 – and it saw a corresponding increase in fraud incidents. Tim Dalgleish of BioCatch discusses mobile fraud trends and the role of behavioral biometrics in enhancing user authentication.
In this interview with ISMG, Dalgleish discusses:
Mobile adoption and fraud...
Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.