Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
The prolific Maze ransomware gang has been tied to yet more attacks, including against Singapore-based defense contractor ST Engineering's North American subsidiary, VT San Antonio Aerospace. Separately, the ransomware gang breached systems at nuclear missile contractor Westech.
A robust customer identity and access management strategy is critical to digital success for today's financial institutions. Eugenio Pace of Auth0 and Paul Bedi of IDMWORKS discuss CIAM in the age of the remote worker.
Too many enterprises remain chained to outdated and vulnerable identity and access management technologies - legacy systems that rely on passwords, eat budgets and kill productivity. Baber Amin of Ping Identity and Cody Cook of ProofID preview a new virtual roundtable on Modern IAM.
Bobby Ford, CISO of Unilever, a multinational consumer goods firm, says the shift to a work-from-home environment requires an intensified focus on email security as well as identity and access management.
The latest edition of the ISMG Security Report sizes up progress made so far on identity management and the work yet to be done. Also featured: how security concerns are holding back IoT projects and the privacy issues raised by recording videoconferences.
How big is the step from humans using drones to kill other humans to building lethal autonomous weapons systems that can kill on their own? Ethically and technologically, that's a huge leap. But military planners are working to build what some call "killer robots." And the UN wants them banned.
How have the cybersecurity challenges facing healthcare organizations changed during the COVID-19 pandemic? And how are organizations responding? Information Security Media Group's Healthcare Cybersecurity Virtual Summit, to be held on June 9 and replayed June 10 and 11, will provide insights.
Worries over ransomware and malware are slowing down enterprise IoT deployments, which is a reflection of the reputational and customer relationship risks at stake, according to a new survey. Here's what enterprises need to keep in mind when selecting security technology for IoT.
Not all data breaches are what they might seem, and not all leakers are who they might claim to be. Take the doxing of the Minneapolis Police Department, supposedly by Anonymous hacktivists: The leaked employee information was almost certainly culled from old breaches. So who did it, and why?
Jeremy Grant has spent more than two decades championing the cause of secure digital identities. But as the COVID-19 pandemic has created a remote workforce of unprecedented scale seemingly overnight, are current approaches to securing the identity management and attestation practice up to the challenge?
Even after being notified that their personal data has been compromised in a breach, only about a third of users change their passwords - and most are not strong or unique, according to a study by researchers at Carnegie Mellon University, who call for changes in breach notification procedures.
The world has experienced an unprecedented business disruption that instantly created the largest remote workforce - and largest attack surface - in history. How do you validate users and access in this new dynamic workforce? RSA's Steve Schlarman and Ben Smith preview an upcoming series of virtual roundtables.
An independent security researcher disclosed a zero-day vulnerability contained in the "Sign in with Apple" feature that, if exploited, could have resulted in a full account takeover. The vulnerability has been patched, and Apple says it found no account misuse tied to it.
Verizon's Data Breach Investigations Report 2020 highlights the leading causes of breaches last year, including credential theft, phishing, ransomware as well as issues linked to cloud implementations and web applications. In an interview, Verizon's Ashish Thapar offers an in-depth analysis.