Four editors at Information Security Media Group review the latest cybersecurity issues, including Microsoft Exchange server hacks, insider threat management and implementing a "collective defense."
Users of the OpenSSL crypto library should upgrade immediately to the latest version to eliminate serious flaws that attackers could exploit to shut down servers, some security experts warn.
The FBI and the U.S. Department of Homeland Security have issued a warning about Mamba ransomware that uses a weaponized version of the legitimate, open-source encryption software DiskCryptor to lock victims out of their systems.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
The Council of the European Union has adopted a new cybersecurity strategy aimed at protecting EU citizens and businesses from cyberthreats by promoting best practices, such as strong encryption and threat information sharing.
Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
As digital payments have skyrocketed as a result of the surge in e-commerce during the pandemic, more organizations have provided feedback on enhancing EMVCo's specifications to help fight fraud, two executives with the global technical body say.
The Accellion File Transfer Appliance data breach continues to cause anguish. The energy company Shell has disclosed that it has been affected. Meanwhile, some customers of a Michigan-based bank have been informed that personally identifiable data has been exposed via the FTA breach.
Insider threat programs can help significantly reduce the chance of system compromise or breach. This can help organizations save substantial amounts of money and avoid loss of brand reputation and customer trust.
Download this guide to learn how to build your insider threat program with tips like determining...
While an external attacker trying to gain access to the network might raise a number of flags, someone internally who steals information might not raise any suspicion at all. This leaves organizations vulnerable to insider threats.
Download this guide to learn about three tools and methods that can help you detect...
As the workforce trends toward remote work, insider threats remain one of the top causes of security breaches.
Faster detection and response to insider threats helps avoid a major data breach that would put your organization at risk of making news headlines.
Keep your corporate data secure by adapting to new...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.
