In 2021, Mandiant Threat Intelligence identified 80 zero-days exploited in the wild, which is more than double the previous record volume in 2019. State-sponsored groups continue to be the primary actors exploiting zero-day vulnerabilities, led by Chinese groups.
Join Mandiant’s Erin Joe, SVP of Strategy and...
Unfortunately, in this day and age, protecting assets is more difficult than ever from the corporate point of view. Organizations have spent many years and countless sums of money protecting the perimeter —
so-called “north-south” traffic. Yet agile, adaptive adversaries have found ways to breach perimeter...
The Food and Drug Administration on Thursday issued revamped draft guidance providing updated and detailed recommendations for how medical device makers should address cybersecurity risk in the premarket of their products, especially as the threat landscape continues to evolve.
The integration of third-party components and software is an increasingly critical area of security risk that needs more attention from medical device manufacturers, says Anura Fernando, global head of medical device security at safety certification firm UL.
Every connected device is now considered a part of the Extended Internet of Things (XIoT). When securing XIoT devices that connect to networks, it can be hard to account for all the nuances required to secure them. What simplifies the process of delivering contextually aware threat detection and recommendations is an...
Fortinet's FortiGuard Labs has released its latest Global Threat Landscape Report, and it portrays adversaries who are increasingly more sophisticated and speedy and who are diversifying their attack techniques. Derek Manky tells why organizations need to respond by bolstering the cyber kill chain.
The Log4j vulnerability caused plenty of stress for tech practitioners, and while it’s likely under control now, it’s essential to take the opportunity to learn from these events to improve security.
Join this interactive session to review what the latest Zero Day threat taught us about current security...
Since mid-December, enterprises globally have been responding to the urgency of the Apache Log4j zero-day vulnerability. John Ayers of Optiv discusses Optiv MXDR and how it helps customers detect, respond and provide visibility to protect from potential exploits.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Hellman Worldwide Logistics, one of the world's biggest logistics and shipping firms, is warning that its operations remain disrupted following an online attack of unspecified nature. The attack comes amid a busy season for e-commerce and shipping, with supply lines already stretched thin, experts say.
The fundamental basis of threat modeling is identifying, communicating and managing security weaknesses. The key principle underpinning threat modeling is “secure design” which means in practice addressing design flaws. Ideally threat modeling activities will take place from the inception of the project at the...
Applications aren't the only iterative processes that today's developers have to contend with. Security has become of prime importance to organisations and their end users, with some teams finding that they're having to wrestle between speed and security to get the job done. It doesn't have to be this way. In this...
Discover how ABN Amro built a self-service threat modeling process for DevOps and scaled secure design across its organisation. ABN Amro reached out to IriusRisk as they embarked on a major digital transformation program - Project Apollo - moving from their private data centers to the cloud - which would affect 500+...
In ransomware attacks, cybercriminals attack through the backups because they know that security practitioners rely on backups to save themselves after a ransomware attack. Therefore, it is essential to have multiple backups, says Tom Kellermann, head of cybersecurity strategy at VMware.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
