The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Cybersecurity awareness training is one of the most important things you can do to secure your organization. But starting a new program may seem daunting. Maintaining one that keeps your users engaged, changes their behavior and reduces your organization’s exposure to threats might be an even bigger challenge....
Ransomware continues to prove a reliable moneymaker for criminals, with the average cyber extortion payoff rising to $220,298, reports ransomware incident response firm Coveware. Zero-day attacks and shakedowns targeting Accellion File Transfer Appliance users helped boost criminals' profits.
An "update" pushed out earlier this year by law enforcement agencies, including Europol, on Sunday began erasing Emotet malware from infected devices worldwide, Malwarebytes reports. The move comes after the FBI recently remotely removed web shells from vulnerable on-premises Microsoft Exchange servers.
An advanced persistent threat group gained long-term access to an unnamed entity's network through its Ivanti Pulse Secure VPN and SolarWinds' Orion server and then installed Supernova malware, according to the U.S. Cybersecurity and Infrastructure Security Agency.
Has the CEO of inaccessible Turkish cryptocurrency exchange Thodex exit-scammed, fleeing the country with $2 billion worth of his customers' assets? So say critics, and police have launched an investigation. But the CEO, Faruk Fatih Ozer, who's in Albania, has vowed to clear his name and restore users' funds.
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff. The extortion threat - with a reported $50 million opening demand - was unveiled hours before Apple made a series of major new product announcements.
The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that federal agencies and other entities have been compromised by two attack groups, with one possibly acting on behalf of the Chinese government. The groups are exploiting vulnerabilities in Ivanti's Pulse Connect Secure.
A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.
Can your organization provide a seamless digital experience with immediate account access, and stand up to the highest standards in safeguarding customers’ assets?
When consumers fall victim to fraud, they expect their financial services organization (FSO) to help them resolve the issue. And when the firm...
Codecov, a company that tests software code prior to release, has notified customers that attackers had access to its network for a month and placed malware in one of its systems, which may have led to the exfiltration of customers' information.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
