In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the importance of incident repose planning; the worldwide impact of the LOg4j flaw, which may lead to 2022 being the year of the SBOM; and the increasingly blurred line between conventional...
Russian authorities have arrested 14 individuals suspected of being part of the notorious REvil, aka Sodinokibi, ransomware operation. Russia's Federal Security Agency, the FSB, said it used intelligence provided by the U.S. to help identify the suspects.
The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.
Attackers wielding Night Sky ransomware are among the latest groups that have been attempting to exploit critical vulnerabilities in widely used Apache Log4j software. Microsoft says that among other attacks, a China-based ransomware operator has been exploiting Log4j flaws in VMware Horizon.
The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.
Cybersecurity in today's world is no longer primarily about the implementation of products or solutions. It is more about the analysis of behavior and the ecosystem. Krishnamurthy Rajesh of ICRA discusses the role of artificial intelligence and the need for collaboration among business functions.
Top U.S. cybersecurity leaders continue to warn against the peril of Apache Log4j vulnerabilities, confirming on Monday that hundreds of millions of devices worldwide are likely affected by the logging utility flaw, although the response, in terms of scope and speed, has been "exceptional."
The EU's law enforcement agency, Europol, has been ordered by a watchdog to not retain for longer than six months any personal data it stores pertaining to individuals who reside in the EU, unless it has ascertained that the individuals are tied to an investigation or criminal activities.
The increasingly connected home is a vulnerable part of the extended enterprise, especially as the line blurs between personal life and work, says Forrester principal analyst Heidi Shey. She encourages organizations to adopt a two-pronged approach to protecting the "work from home" workforce.
With increasing data breaches and ransomware attacks, Nilesh Roy says his top priority is implementing a passwordless environment and securing Spocto's data using its artificial intelligence engine, which processes large amounts of personal financial information without any human intervention.
Sen. Gary Peters, D-Mich., who chairs the Homeland Security and Governmental Affairs Committee, said this week that his committee convened a virtual briefing with both CISA and National Cyber Director Chris Inglis to discuss efforts to mitigate the threat posed by the Log4j vulnerability.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders. Security leaders Pooja Shimpi and Deepayan Chanda discuss how their teams have tackled Log4j - and significant lessons learned about incident response and information sharing.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
